DoD plots third chapter in Better Buying Power initiative

Nothing is on paper yet, but the Defense Department says it is in the very early stages of creating a “3.0″ version of its ongoing Better Buying Power initiative.

The newest edition will focus on making sure the military doesn’t fall behind in technological superiority.

Frank Kendall, the undersecretary of Defense for acquisition, technology and logistics, said the next edition of the Pentagon’s effort to improve its acquisition system will zero in on an issue that he has become increasingly worried about as sequestration-level budgets take a toll on DoD’s investments in research and development.

While he emphasized that Better Buying Power 3.0 still is in the idea stage, he said it will revolve around the notion that DoD can’t afford to put technology advances on hold just because research dollars are shrinking.

“The first iteration was about the rules. The second one was about creating tools to help people think and do a better job of setting up business deals and executing them. The third is probably going to be about innovation and how we move things more rapidly and more effectively into the hands of warfighters,” he said Tuesday (Apr. 8, 2014) at the 15th annual Science and Engineering Technology Conference sponsored by the National Defense Industrial Association in College Park, Md.

Keep reading this article at: 

GSA announces plan to simplify federal contracting

The General Services Administration’s contracting division is developing a new Web platform and business structure to bring more expertise to complicated acquisitions, the agency said April 9, 2014.

The new initiative, called Category Management, will involve assigning a Federal Acquisition Service manager in charge of each of several acquisition categories, such as information technology, professional services and travel.

Those managers will help develop a Common Acquisition Platform with information about contract vehicles, historical prices and other data related to specific procurements, FAS Commissioner Thomas Sharpe said in a 1,000-word blog post.

The acquisition platform will eventually include several tools related to specific categories of government purchases, according to the blog post.

Keep reading this article at: 

Three IT procurement problems worth solving

The arduous process that small technology vendors must go through in order to contract with government agencies is preventing government innovation when we need it most. As the CEO of 12-person tech firm that recently went through the process, I have experienced this first hand.  [Note: This article represents the personal views of Kuang Chen is the CEO and founder of Captricty, a government contractor.]

While a partnership with the federal government is unusual for a company of our size, we got lucky. We were introduced early on to an internal advocate who saw the value of our solution to transform paper backlogs into digital data at the Food and Drug Administration — performing weeks of manual entry in hours to update a critical drug safety database. As we learned, even with a strong advocate, the procurement hurdles were significant. After getting proof of concept in two short weeks, it took two more months to prepare the paperwork for a security authorization to operate (ATO) and five months for a stop-gap contract. Even after clearing the original paper jam, we are without a contract to handle the additional demand that is now flooding our way.

So where should government begin when thinking about how to streamline the process?  Here are three observations:

  1. Security review is confusing and cumbersome.
  2. Complex contracting offers no simple path for a relatively small project.
  3. Existing procurement models don’t work for new technologies.

Keep reading this article at: 

In tech buying, the U.S. is still stuck in the last century

Four years after President Obama vowed to “dramatically reform the way we do business on contracts,” the spectacular failure of the website has renewed calls for changes in how the government hires and manages private technology companies.

But despite Mr. Obama’s promises in the last two months to “leap into the 21st century,” there is little evidence that the administration is moving quickly to pursue an overhaul of the current system in the coming year.

Outside experts, members of Congress, technology executives and former government officials say the botched rollout of the Affordable Care Act’s website is the nearly inevitable result of a procurement process that stifles innovation and wastes taxpayer dollars. The Air Force last year scrapped a $1 billion supply management system. Officials abandoned a new F.B.I. system after spending $170 million on it. And a $438 million air traffic control systems update, a critical part of a $45 billion nationwide upgrade that is years behind schedule, is expected to go at least $270 million over budget.

Longstanding laws intended to prevent corruption and conflict of interest often saddle agencies with vendors selected by distant committees and contracts that stretch for years, even as technology changes rapidly. The rules frequently leave the government officials in charge of a project with little choice over their suppliers, little control over the project’s execution and almost no authority to terminate a contract that is failing.

Keep reading this article at:

Georgia Tech expands cyber security educational offerings into certificate program

Georgia Tech Professional Education (GTPE), in cooperation with the Georgia Tech Research Institute (GTRI), now offers a Cyber Security Certificate that offers participants a more in-depth approach, including a focus on policy-making, people issues and engineering frameworks for cyber security.

The five-course certificate is composed of one required course and four electives, and applies systems engineering principles to create a holistic approach to cyber security. Choosing from seven courses, participants can customize their certificate to give a unique focus to particular topics.

According to Terrye Schaetzel, director of Educational Outreach with GTRI, this course will help organizations move their cyber security efforts from a reactive approach to a predictive model.

“Cyber Security is not just an information technology (IT) function,” said Schaetzel, who works with GTRI’s Cyber Technology and Information Security Laboratory (CTISL). “It is becoming a core strategic function of any organization. This certificate and courses enable people to take a broader look at the whole picture of cyber security.”

Designed for technical professionals who lead cyber security efforts and aspire to be CISO’s (Chief Information Security Officers), the courses also enable participants to further develop critical thinking skills. Hands-on labs and exercises provide a deeper understanding of solutions to help counter increasing threats to cyber security.

Each course takes roughly three to four days, which allows for a relatively quick turnaround for the certificate. All requirements for the certificate must be completed within six years from the date of completion of the first course.

For more information, please visit:

Carter: Pentagon’s Acquisition System Still Not ‘Responsive’

U.S. Deputy Defense Secretary Ash Carter is on his way out the door in two weeks. In 2009, he took over as the Under Secretary of Defense for Acquisition, Technology and Logistics and led that office until 2011 when was nominated as the Pentagon’s No. 2.

He’s been in charge of overseeing major changes to the Defense Department’s acquisition process as former Defense Secretary Robert Gates as well as his successors leaned on Carter to pare down the budgets and help cut bloated weapons programs.

Just days before Carter is scheduled to leave his post at the Pentagon, Carter made a not all too surprising, but jarring comment in a Nov. 29, 2013 interview with the Wall Street Journal:

“We have to have a military that is agile in a modern world where technology is changing so fast,” Carter told the Wall Street Journal. “The Pentagon’s way of doing business simply isn’t responsive.”

Keep reading this article at: 

Five-year cost of IT procurement reform estimated at $145 billion

The Congressional Budget Office (CBO) estimates the cost to amend laws regulating how the federal agencies acquire and manage information technology projects would cost nearly $145 billion to implement for fiscal years 2014 through 2018.

That bill would use pay-as-you-go procedures for funding, and agencies not affected by annual appropriations could feel effects on direct spending, the CBO said Nov. 12, 2013.  (See cost estimate at: )

Under current law, the CBO estimates the federal government spends $50 billion per year to acquire IT products and services through interagency contracts.

Air Force embraces OASIS multiple award contracting vehicle

The General Services Administration’s OASIS contracting vehicle already has changed the Air Force’s procurement operations for the better, one of the Air Force’s top acquisition officers says.

The Air Force’s participation in GSA’s $60 billion One Acquisition Solution for Integrated Services multiple award contracts “has simplified the decision process,” said Maj. Gen. Wendy Masiello, the USAF director of contracting.

The Air Force has embraced OASIS in the last several months. In August, the Air Force Space and Missile Command said it wanted to use the dedicated OASIS Small Business contract instead of its own SMC Technical Support program. GSA estimated the value of the commitment, which will encompass virtually all systems engineering and technical assistance activities at Los Angeles Air Force Base, at $472 million over five years.

Keep reading this article at:

Georgia Tech warns of threats to cloud data storage and mobile devices in report of ‘emerging cyber threats’

As more businesses find their way into the cloud, few engage in security measures beyond those provided by the associated cloud storage firm, a new report from Georgia Tech notes. Even fewer seek heightened data protection because of concerns that usability and access to remote data would be significantly reduced.

These concerns are among findings made by the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) in today’s release of the Georgia Tech Emerging Cyber Threats Report for 2014. The report was released at the annual Georgia Tech Cyber Security Summit, a gathering of industry and academic leaders who have distinguished themselves in the field of cyber security.
“With recent revelations of data collection by the federal government, we will continue to see a focus on cloud security,” said Wenke Lee, director of GTISC. “But encryption in the cloud often impacts data accessibility and processing speed. So we are likely to see increased debate about the tradeoffs between security, functionality and efficiency.”

Encryption challenges were a focus at this year’s summit, which featured some of the nation’s top information security experts. These included keynote speaker Martin Hellman, professor emeritus at Stanford University and one of the inventors of public key cryptography, a way of securing communications without relying on pre-shared secrets.

In related findings, the report reveals security issues involving the “Internet of Things,” referring to the notion that the increase of Internet-capable devices could create opportunities remote hacking and data leakage. With everything from home automation to smartphones and other personal devices becoming connected to the Internet, these devices will capture more real-world information and could permit outside parties, companies, and governments to misuse that information.

In the mobile space, even though designers of mobile devices and tablets have developed a robust ecosystem to prevent large-scale device compromises, the report finds that the threat of malicious and potentially targeted use remains. Earlier this year, researchers at Georgia Tech reported that they found ways to bypass the vetting process of Apple’s App Store and subsequently showed how malicious USB chargers can be used to infect Apple iOS devices.

“No matter how successful we have been, black hat operatives will continue to attack infrastructure at every angle possible, making cyber security a global issue for years to come,” said Bo Rotoloni, director of GTRI’s Cyber Technology and Information Security Laboratory (CTISL). “We must remain vigilant. The purpose of this Summit and Report is to raise awareness, create educational opportunities and maintain an ongoing dialogue among industry, academia and government.”

The Georgia Tech Cyber Security Summit is a forum for the IT security ecosystem to gather together, discuss and debate the evolving nature of cyber threats, and to chart the course for creating collaborative solutions.

In addition to Hellman’s keynote address, the 2013 Summit included a panel of security experts from Microsoft, Splunk, Dell Secureworks, Solera Networks and Georgia Tech.

The Georgia Institute of Technology is one of the nation’s leading public research universities and the home of cyber security research and education initiatives through GTISC, GTRI and other facilities across campus. These efforts focus on producing technology and innovations that help drive economic growth and improve daily life on a global scale.

The report is available for download at

Payments to contractor questioned during overhaul

Government contracts with a major vendor building drew scrutiny in the past, a 2007 audit shows.

In 2011, the Centers for Medicare and Medicaid Services awarded Canada-based CGI a $94 million contract to construct the public face of the Obamacare insurance marketplace. According to BusinessWeek, that contract has reached a value of roughly $277 million. The website hosting the marketplace,, has been barely functional at best since it launched on Oct. 1.

Six years ago, CGI’s compensation for work on another CMS website raised eyebrows.  The company received $2.6 million in “questionable payments” for a revamp of and an existing claims appeals system to handle prescription drug benefits. CMS may have violated its own rules in some payments to CGI, and at least four of the company’s invoices contained suspicious charges, according to a government audit.

The fees, found among a $25.7 million sampling of bills, were questionable because they were potentially improper, unsubstantiated or wasteful, the audit said. Examiners identified questionable payments to CGI and about 15 other contractors implementing the 2003 Medicare Prescription Drug, Improvement, and Modernization Act.

Keep reading this article at: