CDM Notes: EO 14028 deadline is looming. Is your company ready to help?

By Amanda Mull, Contract Specialist

Cybersecurity specialists in the federal government are probably feeling the pinch right about now. By October 9, agencies will need to report on their current software systems as part of Executive Order 14028 on Improving the Nation’s Cybersecurity. If you are a vendor of cybersecurity products, you’d be well advised to make sure your business is appropriately listed – sooner, not later.

Following completion of their EO/OMB reports, agencies are to identify areas at high risk for cyberattacks – such as data theft, ransomware, and disturbances or exploitation of email or other communications.  By Identifying these vulnerabilities and whether agencies may be dependent on specific software or system providers, the federal government hopes to gain greater insight into problem areas.

Read more of this post

3 Public Resources You Need to Prepare for Meeting With DOD

By Toné Mason, Senior Analyst

Abraham Lincoln once said, “Give me six hours to chop down a tree and I will spend the first four sharpening the axe.”

Investing time in being prepared prior to meeting with a government contact is vital — especially if you are diving into new departments and agencies within the DOD. Here are 3 top public resources at your disposal – and they are free!

Read more of this post

CMMC Interim Rule Includes New Compliance Requirements

By Hollie Kapos, Corporate Counsel

You never know what surprises will pop up in the last few days of the government’s fiscal year, and this year there was a big one with the Interim Rule implementing DOD’s Cybersecurity Maturity Model Certification (CMMC).

The Interim Rule (“IR”), published on September 29, 2020 and effective as of November 30, 2020, adds the widely anticipated new DFARS clause for inclusion in DOD contracts implementing CMMC: 252.204-7021 (Contractor Compliance with the Cybersecurity Maturity Model Certification Level Requirement). No surprise there.

But, the IR unexpectedly came with two additional clauses, DFARS 252.204-7019 (Notice of NIST SP 800-171 DOD Assessment Requirements) and DFARS 252.204-7020 (NIST SP 800-171 DOD Assessment Requirements), which require the immediate attention of federal contractors and their subs.  Read more of this post

DOD ESI BPAs: What CETA Is and Why It Is Important

By Derek Giarratana, Supplier Manager

Many of you are familiar with DOD ESI BPAs, but you’re probably not as familiar with the CETA designation and what it means.

Only one vendor has received the CETA designation thus far. Recently, the Navy PEO-EIS designated the Tanium DOD ESI BPA, held by immixGroup, as the first DOD Core Enterprise Technology Agreement (CETA). The CETA designation means that this purchasing vehicle is mandatory for all DOD customers who want to procure Tanium products and services.

DOD Enterprise Software Initiative

Before we dive into CETA and what it means for DOD procurement, let’s briefly talk about the DOD ESI program, managed by the PMW 290 Project Office. Read more of this post

Top Trending Technologies in DOD for 2020

By Toné Mason, DOD Senior Analyst

FY20 has truly been the year of technology acceleration within the Department of Defense. Our world has never been more capable technology-wise than it is today. The arrival of 5G and the new challenges brought on by a rapidly expanding remote workforce have catapulted the adoption of new and innovative technologies.

The DOD is at a point where they are looking to gain a better understanding of currently available technologies and applying them where it makes the most sense. Below are some of the key areas the DOD is focused on right now.

Data Integrity

Data integrity is one of the essential areas. As the need for transparency increases and desire to expand more into AI and machine learning, there has been more of a realization that DOD’s data is not consistent, not all data is being recorded and data is incomplete. Read more of this post

Winners in the FY21 Defense Budget Request

By Toné Mason, Senior DOD Analyst

The President is requesting $705.4B in DOD funding for FY21, which is a modest 0.1% increase from FY20. The biggest winner by far is U.S. Space Force, but there are still plenty of opportunities across DOD and the services for IT vendors.

Announced in FY20, funding for Space Force in FY21 is largely focused on providing funding for the establishment of the organization as a whole. More details regarding metrics and objectives are anticipated to be further developed over the next few years. From what we know at this time, automation, infrastructure, cyber and data analytics are anticipated to be key areas of interest for them.

Here’s a summary of DOD budget highlights for FY21. Read more of this post

If You Sell to DOD, Pay Attention to CMMC

By Troy Fortune, Vice President & General Manager

You’ve probably heard that the Department of Defense (DOD) recently released the official version 1.0 of its new Cybersecurity Maturity Model Certification (CMMC 1.0).

This is one of the hottest topics in government contracting right now and immixGroup is following developments very closely. And, it will affect everyone in our industry who sells to DOD – resellers, distributors and OEMs. 

As a quick refresher, this is a cybersecurity standard that all contractors must meet if they want to do business with DOD. As we’ve discussed before in a previous blog, the standards themselves are taken from existing ones. With CMMC 1.0, we now have more clarity on what the 5 levels of CMMC entail: Read more of this post

Space Force…Lasers, Satellites, Debt, Oh My!

By Toné Mason, DOD Senior Analyst

The Space Force has finally been established and its focus will be on national security and the preservation of satellites. But what exactly is it and where is it going? Will it include spaceships that shoot out laser beams?

Lots of people are asking lots of questions, but let’s get started with the biggest elephant in the room – armed combat. The Space Force will not include armed combat scenarios and the Air Force has no intentions to make it that way. Now that bubbles have been burst, what is the point of the Space Force if it won’t include armed combat? Why do we need a Space Force if there will be no armed combat? Read more of this post

Tips for Preparing for DOD’s New CMMC

By Hollie Kapos, Corporate Counsel

The Cybersecurity Maturity Model Certification (CMMC) has been one of the hottest topics in government contracting this year. In fact, one of my colleagues addressed the topic in a blog on DOD and CMMC just a few months ago.

And no wonder everyone’s talking about it – it applies to ALL companies doing business with DOD, including OEMs, distributors and resellers. Here’s some basic information to help you prepare no matter where you are in the supply chain.

What is CMMC?

Intellectual property theft and cybercrime cost the United States billions of dollars and threatens national security. In order to protect government information from theft and other malicious cyber activity, DOD is making cybersecurity an acquisition foundation. Accordingly, DOD is developing the Cybersecurity Maturity Model Certification – a certification process to measure a company’s ability to protect sensitive government data.

Read more of this post

Federal Modernization Challenges and Priorities for FY20

By Jessica Parks, Analyst

Data visibility, cloud and emerging technologies were important themes at a the recent IT Modernization summit hosted by FCW. The conference sessions brought together acquisition and IT officials from a variety of federal agencies, small and large, both civilian and DOD, who shared how their agencies are delivering on modernization goals.

Here are more details about these topics and advice on how you can position your company and solutions to stand out from the crowd.

Data Visibility

Agencies need improved visibility into their data. Data is the cornerstone of multiple technologies, powering AI and machine learning algorithms and bolstering cybersecurity efforts. It is, quite simply, crucial for government agencies to be able to gain as much insight into their data as possible in order to keep pace with rapid technological developments. Don Heckman, Principal Director in the Deputy Chief Information Office for Cybersecurity at DOD, noted that “visibility into assets is a huge challenge” for the agency. Read more of this post

%d bloggers like this: