IT | The Contracting Education Academy

March 31, 2020 By cs

How industry and government can partner for more secure systems

Industry needs to be able to tell government how software was developed and how security measures were integrated into it, a top official at the National Institute of Standards and Technology said March 10.

“Give us some evidence that those security features are actually in place and doing what they’re supposed to do,” said Ron Ross, a fellow at NIST who leads a new DevSecOps project.

Ross, speaking at an Advanced Technology Academic Research Center event on DevOps, said that the future of U.S. national and economic security hinges on industry and government getting the transition to DevOps and DevSecOps, two different software development approaches where collaboration and security considered from the beginning, because they are critical to national and economic security.

“All the work that’s going on now, whether it’s experimental or whether it’s becoming more mature, we need to be able to normalize this type of process so it becomes [something] people would just do routinely — it becomes institutionalized and operationalized across the entire federal government,” Ross said.

Industry, Ross said, is a critical partner in that process. The key is ensuring that customers no longer have to worry about the effectiveness and origin of security controls.

Keep reading this article at: https://www.fifthdomain.com/civilian/2020/03/10/how-industry-and-government-can-partner-for-more-secure-systems/

March 18, 2020 By cs

Acquisition contracts key to agencies opening telework options in face of coronavirus

There’s good news and bad news for agencies looking to ramp up telework in the wake of the coronavirus pandemic, according to federal contracting experts.

According to the CDC, a novel coronavirus was identified as the cause of an outbreak of respiratory illness first detected in Wuhan, China in 2019. It is formally named coronavirus disease 2019 (COVID-19).

The good news is federal acquisition contracts are set up for quick acquisition of essential telework equipment, such as laptops or tablets, said acquisition experts FCW spoke with.

The bad news could be that online scammers are watching the expanding tele-workforce with great interest.

The emphasis on agency telework is growing, and although most agency employees are already assigned computers, there may be some hardware gaps to fill as workforces move to remote locations.

Federal governmentwide acquisition contracts, such as NASA’s Services for Enterprise-Wide Procurement, the General Services Administration’s ordering schedule and the National Institutes of Health Information Technology Acquisition and Assessment Center (NITAAC) are set up to help quickly fill laptops, tablets and other IT commodity orders, they said.

Keep reading this article at: https://washingtontechnology.com/articles/2020/03/11/coronavirus-telework-procurement-hardware.aspx

The Contracting Education Academy at Georgia Tech has established a webpage where all contract-related developments related to the coronavirus (COVID-19) are summarized. Find the page at: https://contractingacademy.gatech.edu/coronavirus-information-for-contracting-officers-and-contractors/

March 13, 2020 By cs

Risk is high that GSA’s latest telecom contract suffers same fate as last two

The General Services Administration’s Enterprise Infrastructure Solutions (EIS) program is facing the same fate as its predecessor — delays in transition will cost the government millions of dollars and push IT modernization further back on the priority list.

The difference between the failure of Networx and the potential problems EIS is facing, however, is the recognition by some lawmakers that it’s not entirely GSA’s fault.

The House Oversight and Reform Subcommittee on Government Operations wants to hold agency chief information officers and other leadership accountable for not moving fast enough to take advantage of the new contract.

“We learned a tremendous amount of lessons and, in fact, I credit GSA for incorporating those lessons learned from the Networx transition into their guidance and disseminating those lessons to the agencies,” said Carol Harris, director of IT acquisition management issues at the Government Accountability Office, during a subcommittee hearing on March 4. “Now the onus is on the agencies to get their house in order and move quickly to ensure that they are moving onto EIS as quickly as possible.”

Keep reading this article at: https://federalnewsnetwork.com/hearings-oversight/2020/03/risk-is-high-that-gsas-latest-telecom-contract-suffers-same-fate-as-last-two/

March 10, 2020 By cs

Agencies struggle with DevOps procurement

DevOps remains a “small pilot effort on a handful of applications” at many federal agencies, in part, because it requires accepting greater ambiguity in the procurement process, according to a new white paper.

**Click on the image above to download the DevOps white paper.**

ACT-IAC defines DevOps as an organizational philosophy where practices like the agile software development methodology are combined with tools to rapidly deliver IT apps and services.

ACT-IAC’s DevOps Working Group released a white paper last week compiled from survey results and hundreds of conversations with government officials. The paper includes case studies from agencies six agencies: the U.S. Patent and Trademark Office, U.S. Citizenship and Immigration Services, IRS, National Museum of African American History and Culture, National Park Service, and National Science Foundation.

DevOps has agencies seek potential solutions earlier in the development process than traditional procurement, when specific requirements aren’t known, which makes evaluating contracts more challenging, according to the paper.

Keep reading this article at: https://www.fedscoop.com/agencies-devops-procurement-challenges/

January 27, 2020 By cs

These IT, cyber provisions in the NDAA may have flown under your radar

The 2020 National Defense Authorization Act always is chalk full of interesting and impactful policy changes or updates.

The thing with the 1,794-page bill is knowing where to look.

No one person can read through the roughly 8 pounds of paper without missing a few important nuggets. So with some help of some federal experts, I dug into the NDAA and found several provisions that likely flew under your radar:

Marine Corps Maj. Gen. Dennis Crall, the senior military adviser for cyber policy for the Defense Department’s chief information officer, offered simple advice at the recent AFCEA Northern Virginia luncheon: “Read the NDAA.”

Specifically, Crall wanted industry to look at the provision requiring each military service to create a principal cyber adviser — Section 905, if you are keeping score at home.

“Congress gave us very directed tasks and responsibilities for this new billet or this new role. There are also some implied tasks. The services need some time to go through this and decide how they are going to provide a level of sufficient implementation,” Crall said.

Keep reading this article at: https://federalnewsnetwork.com/reporters-notebook-jason-miller/2020/01/these-it-cyber-provisions-in-the-ndaa-may-have-flown-under-you-radar/