DHS CISO Talks about Authentication, Supply Chain and Internet Regulation

By Lloyd McCoy, Market Intelligence ManagerLloyd McCoy Jr.

At a recent immixGroup vendor demo day, Paul Beckman, CISO at the Department of Homeland Security, touched on several technological challenges and frustrations that concern him – topics ranging from patching to supply chain risk to the inevitability of security regulations surrounding the internet.

“I want to get out of the patching business,” Beckman noted, asking, “why can’t I go to automatic updates?” “I don’t understand why we’re still relying on the selected pushing of patches,” he continued. A decade ago a service patch might have created the “blue screen of death” on machines, Beckman said, so that even today, “the ops side of the house is telling me, ‘what are we going to do if we get a bad patch?’”

“My response to them is that restore capability has matured greatly in the last decade. Something goes bad in the machine, push a button, you’re back to where you were at midnight last night.” Beckman added that technology has advanced to the point where the bad patch argument can be discounted and end points can go to automatic patching.
Read more of this post

Mayors Reveal Visions and Goals for New Fiscal Year

By Rachel Eckert, SLED Manager

As we approach the start of a new fiscal year for many local governments, we’ve been able to catch a glimpse of the visions and goals for the upcoming year through State of the City addresses that highlight a city’s budget, goals and key issues. The importance of understanding these issues is the first step towards creating lasting relationships with local municipalities.

The National League of Cities has just released their 2019 State of the Cities Report  which analyzes the content of 153 of those State of the City speeches from around the country from cities of all sizes. Here are the top ten issues:

  1. Economic Development
  2. Infrastructure
  3. Health & Human Services
  4. Budgets & Management
  5. Energy & Environment
  6. Housing
  7. Public Safety
  8. Demographics
  9. Education
  10. Government Data & Technology

Most of the issues are not specifically technology related, however, that doesn’t mean that technology isn’t a vital component. Understanding the issues and what activities a city is planning to undertake to address them can give you insight into areas of opportunity. Read more of this post

GSA Making Headlines: Why You Need to Pay Attention

Adam Hyman, Director, Government Programs

If you haven’t noticed by now, you may have been too focused on the final season of Game of Thrones. However, it’s definitely time to turn your attention to what’s going on at the General Services Administration (GSA).

Over the course of the last year, GSA has been making headlines across the federal procurement marketspace by reaching agreement with various agencies to pull into the Schedule 70 program (via BPAs), former agency-specific requirements and IDIQs. While some may argue this is simply a grab for additional contract fees, it makes holding a schedule contract a critical prerequisite for even more federal opportunities. Recent and major opportunities have included:

  • 2nd Generation Information Technology (2GIT) BPA, formerly NETCENTS (valued at $5.5B)
  • Defense Enterprise Office Solutions (DEOS) BPA (valued at $8.2B)
  • Information Technology Supplies and Support Services (ITSSS) BPA (valued at $5B)
  • NOAA Mission Information Technology Services (NMITS) BPA (valued at $2.1B)

Approximately $20 billion in estimated business is expected to funnel through the Schedule 70 program. This doesn’t even include GSA’s plans for a DEOS sister BPA or the Civilian Enterprise Office Solutions (CEOS) BPA! Read more of this post

What the Defense Innovation Unit Wants Industry to Know About CSOs – Part 2

Stephanie MeloniEarlier this week we published Part 1 of “What the DIU Wants Industry to Know About CSOs”. Here, in Part 2, DIU answers additional questions, which delve deeper into the use of CSOs and possible future expansion as the need for adopting advanced commercial technologies continues.

A special thank you to DIU for the outreach and answering my questions!

SM: Do you think the spread of the CSO process is indicative that the Department is embracing a shift toward executing more OT agreements?
DIU: The past few NDAAs encouraged OT and CSO utilization. As more DoD partners experienced or witnessed the successes of DIU prototype projects as well as the capabilities of the non-traditional ecosystem, we have seen a groundswell in interest to adapt CSO procedures for different mission set use-cases. Additionally, OSD leadership issued a highly regarded OT guide and OT policy in November 2018 to help acquisition professionals leverage and demystify authority.

SM: Why use CSOs as opposed to traditional acquisition methods?
DIU: The ultimate goal of a CSO is to enable project teams the flexibility and freedom to execute purpose-driven contracts with best-of-breed companies, including traditional (subject to cost-sharing requirements) and non-traditional vendors. CSOs provide an opportunity for acquisition professionals to develop a deliberate based process focused on project outcomes instead of a default-driven process focused on compliance. CSOs and OTs in general are great acquisition instruments for experimenting and prototyping new technology, methodologies, etc. whereas the traditional acquisition authorities are geared towards procuring supplies and services. Truly, the authorities are highly complementary and should be used in conjunction with one another. Moreover, the potential to scale successful prototypes into production contracts provides a clear value proposition that incentivizes companies to seek out opportunities to work with the Department. Read more of this post

What the Defense Innovation Unit Wants Industry to Know About CSOs – Part 1

Stephanie MeloniBy Stephanie Meloni, Market Intelligence Manager

We received a tremendous response to my blog posting on Commercial Solutions Openings (CSOs) as another innovative option the government is using to quickly acquire commercial solutions—in fact, it was my most viewed blog ever!

In that blog, I mentioned that CSOs, a type of OTA designation, were initially piloted by the Defense Innovation Unit beginning in 2016. Defense Innovation Unit read my blog and offered to answer more in-depth questions I had about CSOs and OTAs and how they can help solve military challenges. I share their answers with you here, in a two-part series.

A special thank you to DIU for the outreach and answering my questions!

SM: What is DIU’s mission?
DIU: The Defense Innovation Unit (DIU) delivers advanced commercial technology into the hands of men and women in uniform to enhance national security. DIU partners with the services, combatant commands, and component organizations to seek out and rapidly prototype commercial solutions to military challenges while lowering barriers to entry for non-traditional companies interested in working with the Department of Defense (DoD).  There has never been a more important time for the military to leverage commercial technology. Former Secretary of Defense Ash Carter established DIU in August 2015 to capitalize on U.S. businesses’ growing investment in research and development (R&D) and venture capital funding of high-tech startups. Rapid technology developments led by the private sector and the global diffusion of emerging dual-use capabilities are changing the character of warfare. It is DIU’s mission to ensure the Department has a pathway for integrating these commercial capabilities at the speed of relevance to maintain a decisive military advantage over our adversaries. Read more of this post

Vendor Innovations in Cybersecurity: From Browsers to IoT to Mobile

By Tim Larkins, Senior Director, Market Intelligence and Corporate Development

Threats to network security have evolved and vulnerable attack vectors have expanded – from browsers to mobile devices to the increasingly interconnected appliances that are part of the Internet of Things (IoT). Vendors of cybersecurity solutions are now branching out beyond their initial niches to embrace wider aspects of security.

In immixGroup’s recent panel discussion during Cyber Ops Demo Day held earlier this month, six of industry’s most prominent vendors each described what they were doing to help prevent security breaches in this era of multiple security attack vectors.

Marlin McFate, federal CTO, Riverbed Technology, said his company has broadened its reach beyond network monitoring, application monitoring and user monitoring to security issues ranging from insider threat to exfiltration. Riverbed’s acquisition of FlowTraq has integrated that capability into its visibility solution. The technology allows for security problems to be analyzed from a behavioral perspective, to identify devices that are no longer acting like normal appliances or system users that are not actually part of the organization.

Read more of this post

Federal IT Needs a Culture Shift

Tom O'Keefe

By Tom O’Keefe, Consultant

At many of the events I’ve been attending around the beltway lately, a common theme in federal IT keeps coming up – culture as an impediment to change. Many of the CXOs I hear speaking all mention that to modernize outdated federal systems, the culture within an agency and around its technology has got to change.

That’s not to say that agencies are dismissive of their workforce, or that they don’t value their employees – on the contrary, many leaders recognize that their teams are the most valuable resource they have. But to transform federal IT, to unlock the value of data and to fully embrace the move to the cloud, agency IT leaders know they need to drag their workforce kicking and screaming into the 21st century.

At AFCEA Bethesda’s Law Enforcement and Public Safety Technology Forum, Sonny Bhagowalia, Deputy Assistant Commissioner, Office of Information Technology at Customs and Border Protection, highlighted the five things that federal IT leaders need to take into consideration: Read more of this post

%d bloggers like this: