New Federal Fiscal Year – Have You Managed Contract Funding Risk?

Standard

fiscal-year-end-copy

INTRODUCTION
As the federal fiscal year draws to a close and the new year opens this month, an astute contractor will have examined the funding status of all government contracts for risk.

Limitation of funds and funding exposure must be a vital topic for every government contractor.

THE FUNDING CHALLENGE


Many federal contracts are funded incrementally, usually based on the government fiscal year that runs from 1 October to 30 September. Although the government may negotiate dollar price ceilings for cost plus and time and materials contracts or firm, fixed total price arrangements, the contracts themselves may be incrementally funded, particularly if they extend over two government fiscal years. A contract may contain negotiated prices or a cost ceiling but also specify an incremental funding value.

The contractor is required to inform the government when actual costs incurred plus obligations to suppliers or payroll on a specific contract reach certain thresholds of the current incremental funding specified in the contract (usually 80%). The government is then obligated to further fund the contract.
In the event the contract is not funded further, the contractor has the right to stop work before he exceeds the incremental funding. Some contractors choose to operate on “risk,” continuing to perform on a contract while exceeding the incremental funding in booked cost and obligations.
The government is under no obligation to reimburse the contractor for invoiced amounts exceeding incremental funding. Nearing the end of a government fiscal year, a contractor may find delays in funding reaching all the way to congress. This situation must be managed with the government contracting officer. Limitation of Funds and Funding Exposure


STOP WORK ORDER
In the current political climate with a new Presidency at hand, Sequestration still in vogue and new fiscal year appropriations being incrementally approved by Congress, contractors may receive stop work orders from agencies unless their contracts were fully funded in the previous fiscal year.   Even then, the government reserves the right to de-obligate funding on contracts, which can effectively bring them to a halt.

Stop work orders are serious matters and require special handling to comply with government direction and manage the associated financial risk.

Upon receipt of a stop work order you have no guarantee of payment for any transaction date-stamped in your accounting system after the date of the stop work order (or the commencement date of a stop work order specified in a Contracting Officer’s Letter).

Applicable charge numbers in the accounting system must be closed until the stop work order is lifted and any effected suppliers and subcontractors must be notified to do the same.

To the degree the government has made progress payments or has any other form of payment invested in a physical product to date it has ownership rights. If that is the case, treat the physical material work-in-process as government owned, store it as such without performing any more effort on it and await further disposition.

To the degree the government has not paid anything on the contract or delivery order they have no ownership rights to the physical product and you are free to complete it and sell it to another customer (commercial or government that has not stopped work). If the government recommences the order, quote a new price and delivery from ground zero.

At the bottom line a stop work is blunt and to the point.  Treat it as if you will never hear from this customer again to manage the risk.

To the degree you do hear from the Contracting Officer again and he or she has the funding to recommence work, be prepared to submit a proposal for what it will take to start the effort and a realistic delivery schedule to complete the it, but do not build any retroactive costs incurred during the stop work period into your logic and expect to bill them; they may not come to payment fruition.

Continuing effort on a contract after receipt of a stop work is high risk. Astutely managing your options is a far better approach.   What is a Government Contract Stop Work Order?

SUMMARY

Having a limitation of funds and funding exposure process in the company should be a standard part of doing business.  A, shrinking, remaining funding level condition on incrementally funded contracts should trigger a risk analysis and government notification process throughout the year.  The federal fiscal year-end brings an additional element of risk to the process with the annual budgeting, approval and appropriations process required by law.

The Real Versus Perceived Power Of The U.S. Presidency

Standard

the-practical-power-of-the-president

A NOTE FROM THE EDITOR: 


Those of us in the Military Veteran Community, as well as those among us who have worked for years with the federal government, have become concerned in recent years about the public view of the Office of the President.  


Below are selected excerpts from a classic article by George Friedman, prior to the 2012 National Election. It is our hope that the content will continue bringing reality to American citizen expectations on the eve of the 2016 election. 



STRATFOR GEOPOLITICAL WEEKLY 

“The American presidency is designed to disappoint. 


What the winner actually can deliver depends upon what other institutions, nations and reality will allow him or her.


Each candidate must promise things that are beyond their power to deliver. No candidate could expect to be elected by emphasizing how little power the office actually has and how voters should therefore expect little from him. 


So candidates promise great, transformative programs.  Though the gap between promises and realities destroys immodest candidates, from the founding fathers’ point of view, it protects the republic. They distrusted government in general and the office of the president in particular.

Congress, the Supreme Court and the Federal Reserve Board all circumscribe the president’s power over domestic life. This and the authority of the states greatly limit the president’s power, just as the country’s founders intended. To achieve anything substantial, the president must create a coalition of political interests to shape decision-making in other branches of the government. Yet at the same time — and this is the main paradox of American political culture — the presidency is seen as a decisive institution and the person holding that office is seen as being of overriding importance.

The president has somewhat more authority in foreign policy, but only marginally so. He is trapped by public opinion, congressional intrusion, and above all, by the realities of geopolitics. Thus, while during his 2000 presidential campaign George W. Bush argued vehemently against nation-building, once in office, he did just that (with precisely the consequences he had warned of on the campaign trail). And regardless of how he modeled his foreign policy during his first campaign, the 9/11 attacks defined his presidency. 

Similarly, Barack Obama campaigned on a promise to redefine America’s relationship with both Europe and the Islamic world. Neither happened. It has been widely and properly noted how little Obama’s foreign policy in action has differed from George W. Bush’s. It was not that Obama didn’t intend to have a different foreign policy, but simply that what the president wants and what actually happens are very different things.

The power often ascribed to the U.S. presidency is overblown. But even so, people — including leaders — all over the world still take that power very seriously. They want to believe that someone is in control of what is happening. The thought that no one can control something as vast and complex as a country or the world is a frightening thought. Conspiracy theories offer this comfort, too, since they assume that while evil may govern the world, at least the world is governed. There is, of course, an alternative viewpoint, namely that while no one actually is in charge, the world is still predictable as long as you understand the impersonal forces guiding it. This is an uncomfortable and unacceptable notion to those who would make a difference in the world. For such people, the presidential race — like political disputes the world over — is of great significance.

Ultimately, the president does not have the power to transform U.S. foreign policy. Instead, American interests, the structure of the world and the limits of power determine foreign policy.

In the broadest sense, current U.S. foreign policy has been in place for about a century. During that period, the United States has sought to balance and rebalance the international system to contain potential threats in the Eastern Hemisphere, which has been torn by wars. The Western Hemisphere in general, and North America in particular, has not. No president could afford to risk allowing conflict to come to North America.

At one level, presidents do count: The strategy they pursue keeping the Western Hemisphere conflict-free matters. During World War I, the United States intervened after the Germans began to threaten Atlantic sea-lanes and just weeks after the fall of the czar. At this point in the war, the European system seemed about to become unbalanced, with the Germans coming to dominate it. In World War II, the United States followed a similar strategy, allowing the system in both Europe and Asia to become unbalanced before intervening. This was called isolationism, but that is a simplistic description of the strategy of relying on the balance of power to correct itself and only intervening as a last resort.

During the Cold War, the United States adopted the reverse strategy of actively maintaining the balance of power in the Eastern Hemisphere via a process of continual intervention. It should be remembered that American deaths in the Cold War were just under 100,000 (including Vietnam, Korea and lesser conflicts) versus about 116,000 U.S. deaths in World War I, showing that far from being cold, the Cold War was a violent struggle. 

The decision to maintain active balancing was a response to a perceived policy failure in World War II. The argument was that prior intervention would have prevented the collapse of the European balance, perhaps blocked Japanese adventurism, and ultimately resulted in fewer deaths than the 400,000 the United States suffered in that conflict. A consensus emerged from World War II that an “internationalist” stance of active balancing was superior to allowing nature to take its course in the hope that the system would balance itself. The Cold War was fought on this strategy.

Between 1948 and the Vietnam War, the consensus held. During the Vietnam era, however, a viewpoint emerged in the Democratic Party that the strategy of active balancing actually destabilized the Eastern Hemisphere, causing unnecessary conflict and thereby alienating other countries. This viewpoint maintained that active balancing increased the likelihood of conflict, caused anti-American coalitions to form, and most important, overstated the risk of an unbalanced system and the consequences of imbalance. Vietnam was held up as an example of excessive balancing.

The counterargument was that while active balancing might generate some conflicts, World War I and World War II showed the consequences of allowing the balance of power to take its course. This viewpoint maintained that failing to engage in active and even violent balancing with the Soviet Union would increase the possibility of conflict on the worst terms possible for the United States. Thus, even in the case of Vietnam, active balancing prevented worse outcomes. The argument between those who want the international system to balance itself and the argument of those who want the United States to actively manage the balance has raged ever since George McGovern ran against Richard Nixon in 1972.

If we carefully examine Obama’s statements during the 2008 campaign and his efforts once in office, we see that he has tried to move U.S. foreign policy away from active balancing in favor of allowing regional balances of power to maintain themselves. He did not move suddenly into this policy, as many of his supporters expected he would. Instead, he eased into it, simultaneously increasing U.S. efforts in Afghanistan while disengaging in other areas to the extent that the U.S. political system and global processes would allow.

Obama’s efforts to transition away from active balancing of the system have been seen in Europe, where he has made little attempt to stabilize the economic situation, and in the Far East, where apart from limited military repositioning there have been few changes. Syria also highlights his movement toward the strategy of relying on regional balances. The survival of Syrian President Bashar al Assad’s regime would unbalance the region, creating a significant Iranian sphere of influence. Obama’s strategy has been not to intervene beyond providing limited covert support to the opposition, but rather to allow the regional balance to deal with the problem. Obama has expected the Saudis and Turks to block the Iranians by undermining al Assad, not because the United States asks them to do so but because it is in their interest to do so.

Obama’s perspective draws on that of the critics of the Cold War strategy of active balancing, who maintained that without a major Eurasian power threatening hemispheric hegemony, U.S. intervention is more likely to generate anti-American coalitions and precisely the kind of threat the United States feared when it decided to actively balance. In other words, Obama does not believe that the lessons learned from World War I and World War II apply to the current global system, and that as in Syria, the global power should leave managing the regional balance to local powers.

As I have argued from the outset, the American presidency is institutionally weak despite its enormous prestige. It is limited constitutionally, politically and ultimately by the actions of others. Had Japan not attacked the United States, it is unclear that Franklin Roosevelt would have had the freedom to do what he did. Had al Qaeda not attacked on 9/11, I suspect that George W. Bush’s presidency would have been dramatically different.

The world shapes U.S. foreign policy. The more active the world, the fewer choices presidents have and the smaller those choices are. Obama has sought to create a space where the United States can disengage from active balancing. Doing so falls within his constitutional powers, and thus far has been politically possible, too. But whether the international system would allow him to continue along this path should he be re-elected is open to question. Jimmy Carter had a similar vision, but the Iranian Revolution and the Soviet invasion of Afghanistan wrecked it. George W. Bush saw his opposition to nation-building wrecked by 9/11 and had his presidency crushed under the weight of the main thing he wanted to avoid.

Presidents make history, but not on their own terms. They are constrained and harried on all sides by reality. In selecting a president, it is important to remember that candidates will say what they need to say to be elected, but even when they say what they mean, they will not necessarily be able to pursue their goals. The choice to do so simply isn’t up to them. There are two fairly clear foreign policy outlooks in this election. The degree to which the winner matters, however, is unclear, though knowing the inclinations of presidential candidates regardless of their ability to pursue them has some value.

In the end, though, the U.S. presidency was designed to limit the president’s ability to rule. He can at most guide, and frequently he cannot even do that. Putting the presidency in perspective allows us to keep our debates in perspective as well.”

STRATFOR Geopolitical Weekly – July 31, 2012

stratfor-ceo-george-friedman

George Friedman is a geopolitical forecaster and strategist on international affairs. He is the founder and chairman of Geopolitical Futures, an online publication that analyzes and forecasts the course of global events. Prior to founding Geopolitical Futures, Friedman was chairman of Stratfor, the private intelligence publishing and consulting firm he founded in 1996.

 

 

 

 

No Protection for IC Whistle Blower Contractors

Standard

edward-snowden-whistleblower-575

(Photo: Mike Mozart / Flickr)

“POGO”

“The restoration of Intelligence Community (IC) contractor whistle blower rights would help safeguard billions of taxpayer dollars in government contracts, grants, and reimbursements annually.

“Snowden:  “I had read the laws. I knew that there were no whistle blower protections.”

Snowden’s disclosure to the media is a perfect example of why intelligence contractors need a mechanism to safely disclose suspected waste, fraud, and abuse.

Three years after Edward Snowden’s leaks, it appears that everyone has an opinion about him—traitor, hero, or somewhere in between. However, there is one undeniable fact surrounding Snowden’s circumstances that has been misreported by Congress and the Executive Branch far too many times: the Intelligence Community (IC) contractor would have had almost no protections had he come forward through proper channels.

Sure, Snowden could have gone to his supervisors and disclosed his concerns. However, had that supervisor retaliated against Snowden by firing him or demoting him, he would have had no protections because he was an IC contractor. In the absence of adequate protections, IC contractors have only two alternatives to almost certain retaliation: 1) remain silent observers of wrongdoing, or 2) make anonymous leaks.

This has not always been the case though. In fact, IC contractors enjoyed the gold standard of whistleblower protections for four years, between 2008 and 2012.

The NDAA for fiscal year 2008 contained temporary provisions that allowed all Department of Defense (DoD) contractors, including those at the National Security Agency (NSA), to enforce their whistleblower rights through district court jury trials. Additionally, in 2009, comprehensive whistleblower protections were enacted for all government contract employees paid with stimulus funds, including other IC agencies like the Central Intelligence Agency. Contrary to predictions that contractor whistleblowers would flood the courts, only 25 cases were filed from 2008 through 2012 under the DoD contractor provision (including from the intelligence community).

This whistleblower shield was so successful in deterring contractor waste and abuse that the Council of Inspectors General for Integrity and Efficiency proposed a permanent expansion for all government contractors. In 2012, McCaskill introduced a whistleblower protection amendment for all government contractors that won bipartisan Senate approval in the fiscal year 2013 NDAA.

However, during that NDAA’s closing conference committee negotiations, whistleblower rights were extended only to contractors outside of the intelligence community. Preexisting rights for IC contractors were also removed, despite a proven track record that the law was working as intended and no evidence that the law had any adverse impacts on national security during its five-year lifespan.

To better protect taxpayer dollars, our country and Americans’ privacy, Congress must restore whistleblower protections for intelligence contractors and stop feeding the false narrative that such protections exist.”

http://www.pogo.org/blog/2016/09/protect-whistleblowers-ic-contractors.html

 

 

Marine Corps to Equip Infantry Units With Polaris ATVs

Standard

polaris-atv-for-marines

“DOD BUZZ”

“The U.S. Marine Corps is about to outfit its infantry regiments with a version of the Polaris Defense MRZR four-seater, all-terrain vehicle.

Vehicles are designed to be carried inside a V-22 Osprey.

Under the Utility Task Vehicle program, the Marines are planning to purchase 144 Polaris MRZR-Ds, a new version of the vehicle designed to take diesel and JP8 fuel, Joaquin Salas, business development fort Polaris Defense, told Military.com Tuesday at Modern Day Marine 2016.

The vehicles are scheduled to go into production in October. In addition to the four crew seats, the MRZR-D features a small cargo bed and is capable of carrying 1,500 pounds of payload, Salas said. “It enables them to deploy long distance in the V-22, and then when they get to the ground they are not stuck with only their feet to move logistics.”

The U.S. Army’s 1st Brigade Combat Team of the 82nd Airborne Division dropped 10 MRZRs when it jumped into Poland in June as part of an exercise to test of their ability to bolster NATO’s eastern flank against possible Russian aggression.

The MRZR ATV is a very Spartan design. There’s no armor protection. It’s designed to carry extra ammunition, food, water and casualties if necessary.

“We are not comparing this to a JLTV or an up-armored Humvee or anything like that,” Salas said. “It’s designed to stay off road; it’s designed to enable you to be unpredictable.

“It’s a mule. It’s designed to be there at the most tactical level.”

Marine Corps to Equip Infantry Units with Polaris ATVs

Reporting Wrongdoing in the Intelligence Community (IC)

Standard

office-silhouettes-575

“POGO”

“The White House announced an addition to the National Intelligence Professional Awards program to recognize and reinforce the value of reporting wrongdoing in the Intelligence Community (IC).

Whistleblowers receive recognition for their bravery in reporting wrongdoing.

The Project On Government Oversight (POGO) has long advocated for the recognition of whistleblowers and the creation of incentives for them to come forward. We are encouraged by the creation of this new award program and by the IC’s commitment to encourage whistleblowers.

The awards program was announced in the government’s self-assessment of its Third Open Government National Action Plan as part of an initiative to increase access to information. The Office of the Director of National Intelligence will encourage whistleblowers to use authorized channels to report their concerns of potential misconduct and will “use the National Intelligence Award program to recognize that activity.”

It is high time that IC whistleblowers received recognition for their bravery in reporting wrongdoing.”

http://www.pogo.org/blog/2016/09/intelligence-community-whistleblower-award-ic.html

 

 

 

 

Critical Lack of Trained Experts To Meet Cybersecurity Threat

Standard
cybersecurity-jobs-and-education-villanova-university-dot-com

Image:  Villanova University

” THE DENVER POST”

“Today there are more than 120,000 unfilled cybersecurity positions.

A figure greater than the number currently employed.

Months have passed since the FBI took aim at encryption in the case of the San Bernardino shooter’s iPhone. Once the dust settled, our country began to take a different look at the dangers of unprotected data.

A series of incidents has revealed alarming vulnerabilities in our digital defenses. In the worst of these, we’ve seen a foreign power seek to influence our presidential election through the breach of voter registration databases in Illinois and Arizona, and the theft of sensitive information from national party headquarters. These pose a grave threat to our democracy.

Forty-four years ago, our country suffered through turmoil after a similar break-in at the Democratic National Committee’ headquarters at the Watergate complex in Washington, D.C. Now we face the humiliation of revisiting the same crime, but this time perpetrated online by foreign state actors seeking to undermine public confidence in our elections.

We clearly need to bolster our defenses to maintain the integrity of the electoral process. Companies across the nation must also protect themselves from attackers that exploit security weaknesses. These challenges can only be met by first addressing the critical shortage of cybersecurity experts.

Watching the FBI stumble through the encryption debate opened our eyes to the severity of this shortage. Most of the agency’s struggles could have been avoided with personnel trained in the right forensics procedures. Focusing instead on requiring companies to compromise encryption security indicated that a different type of expertise was needed.

The FBI isn’t alone. Breaches at hospitals, retailers and in our own government have shown the dangers of ignoring this threat. Accordingly, the demand for cybersecurity professionals has skyrocketed, particularly since people with these skills are in very short supply.

High salaries are offered to lure these experts. The national average exceeds $93,000, according to the Bureau of Labor Statistics, and in Denver that figure is $98,590. Unfortunately, generous compensation hasn’t come close to attracting the number of applicants needed.

The problem is that our schools aren’t providing necessary education. Only one in eight high schools teach AP computer science. Few universities offer cybersecurity coursework and many graduates face difficulty transitioning into this workforce.

Some companies scramble to plug staffing holes with offshore contractors. That won’t work for critical infrastructure jobs requiring security clearance for which only American citizens qualify.

Our government’s battle against encryption technology was a distraction from more pressing challenges. Instead of fighting U.S. companies in the courtroom, we should be developing talent in the classroom to fight cyber attacks from abroad.

Colorado has taken the lead in this area. Our state has established the National Cybersecurity Center in Colorado Springs, and the Denver area has emerged as a hub for cybersecurity companies. Specialized training facilities have been a key factor in this growth.

The steps we are taking locally offer promise for the future, but the global stakes are immense. Russia-based attackers have already shut down Estonia’s banking system and Ukraine’s electrical grid.

While these events were temporary disruptions, they may have been the proving ground for much larger attacks. Future wars will be waged first in cyberspace where key infrastructure is disabled to aid kinetic, on-the-ground assaults.

The recent cyberattacks against our country demonstrate the grave danger posed by hostile foreign powers. Our country has the ability to combat these threats, but we must allocate resources where urgently needed. Prioritizing skills education — from grade school to job retraining — is essential to build the cybersecurity defenses we need. Only through investment in these capabilities can we be prepared to meet the challenges before us.”

Amid growing U.S. cybersecurity threat, a critical lack of trained experts

 

 

 

Fed Year-End Spending Spree Needs to Change

Standard

cutting-dollar-red-1342111744

EDITOR’S NOTE:  We have often discussed the inefficient one year budget cycle of the US Government and recommend changes.   The One Year Budget Cycle Must Go.  Robert F. Hale  was comptroller and chief financial officer at the Defense Department from 2009 until 2014. As you will see in his opinion below, he heartily agrees.

Robert Hale

Robert Hale


“BREAKING DEFENSE”

“WHY DOD’s YEAR-END SPENDING NEEDS TO CHANGE”

“As the end of the fiscal year approaches at the Department of Defense (DoD), organizations are working hard to spend all the funds which are available for use only during the current fiscal year.

The pithy rationale for these actions: “Use it or lose it.”

We need to find practical ways to apply the brakes to year-end spending so that DoD funds only its highest-priority needs.

DoD spending spikes sharply during the final week of the fiscal year.  (To be technically correct, by “spending” I am referring to entering into contracts or otherwise obligating funds.) In a 2010 report researchers from Harvard and Stanford Universities showed that, based on data for the years 2004 to 2009, final-week spending at DoD was more than four times higher than the average weekly spending during the rest of the year.  Similar trends occurred at other federal agencies.

The spike doesn’t necessarily mean that year-end funds are wasted.  Many year-end funds buy construction-related goods and services, office equipment, and IT equipment and services. These items are needed, but they do not directly support the most critical DoD mission needs, such as training and military readiness.  Moreover, research on federal IT spending suggests that final-week purchases are of lower quality than those made during the rest of the year, and I suspect the same finding applies to other categories of spending.  The surge in spending may also lead overworked contracting officers to push out lower-quality contracts.

Making operating funds available only for one year works against good resource allocation in another way. Resource managers must estimate forthcoming bills for services in the final month of the fiscal year (for example, final bills for electricity and water) and obligate the funds before year’s end. They have to estimate on the high side because, if their estimate is low, they risk violating the federal anti-deficiency laws. High estimates for routine services leave fewer funds available for mission-critical activities such as training and readiness.

Year-end spending worries federal employees, and it should worry taxpayers too.  For several years the Obama Administration conducted a SAVE campaign (Securing Americans’ Value and Efficiency), which asked federal employees to suggest ways to make government more efficient. In my role as DoD comptroller, I reviewed suggestions related to DoD. I was struck by how many employees urged that year-end spending be reduced. A 2007 survey of DoD financial management and contracting professionals showed the same result. Almost all respondents expressed concerns about year-end spending.

The law already has some provisions designed to avoid year-end spending spikes.  For example, only 20 percent of major operating budgets are supposed to be spent during the final two months of the fiscal year. But this provision still leaves room for final-week spikes.

Congress could help by passing DoD appropriations on time – that is, by October 1.  Late appropriations push even more spending toward the end of the year and may exacerbate year-end spending. Unfortunately, Congress has not provided DoD with an on-time appropriation during any of the Obama years, and it will apparently not do so again this year.

But Congress can help by permitting DoD to carry over a small percentage of its operating budgets (perhaps 5 percent) into the next fiscal year. This flexibility would not increase the total funds available to DoD. However, for funds eligible for carry over, managers could decide whether to buy that office furniture for the headquarters at the end of the year or wait and let other needs compete for the funds next year. There is some evidence that carry-over authority helps. Our Harvard and Stanford researchers found that, at one federal agency that had such authority (the Department of Justice), final-week spending spikes were much smaller.

While serving as DoD’s comptroller, I tried to persuade Congress to permit the Department to carry over small amounts of its operating funding into the next fiscal year.  I made a few converts, but not enough to make it happen.

The next administration should try again to secure carry-over authority.”

Why DoD’s Year-End Spending Needs to Change

 

 

 

VA Buying System Archaic & Improvement Slow

Standard

wounded_vet

“FCW”

GAO Report:   ordering interface looks like something from when people “first started using computers.”

The VA procurement policy framework as being “outdated and fragmented,” with different procurement regulations covering different parts of the agency. Revisions and standardization of the VA’s overarching procurement regulation isn’t due until 2018.

The Department of Veterans Affairs embarked on an update of its fragmented, overlapping and out-of-date procurement system in 2011. Capitol Hill critics say implementation could be going faster.

“Companies doing business with the VA don’t know what the rules are, and even the VA contracting officers get confused,” said Rep. Mike Coffman (R-Colo.) at a Sept. 20 House Veterans Affairs Committee hearing.

Rep. Ann Kuster (D-N.H.) said the way the system works right now is “unacceptable” and that she will be “anxiously waiting” any updates to the system.

Greg Giddens, VA’s executive director for acquisition, logistics and construction, said the agency has “strategies in place that align with GAO’s recommendations” in most areas of oversight concern.

Acting Chief Procurement and Logistics Officer Rick Lemmon said the agency is in the process of developing and launching a new Windows-based ordering interface, to replace the aging, text-based legacy system in fiscal year 2017. The current VA system is integrated with the agency’s homegrown VistA health record system, and is coded using the legacy MUMPS computer language.

Giddens noted that VA is in the midst of a financial management IT initiative, and launching plans for a digital healthcare platform. Both of these efforts “will impact legacy and contemporary supply-chain systems and interfaces, as well as influence system-improvement alternatives and investment decisions over the next two to five years,” he said.”

https://fcw.com/articles/2016/09/21/va-procurement-oversight.aspx?admgarea=TC_Management

 

Federal Cyber Incidents Up 1,300% In 10 Years

Standard

federal-cyber-reporting-incidents

“WASHINGTON POST”

“The number of cyber incidents reported by federal agencies jumped more than 1,300 percent, from 5,503 to 77,183, over the 10 years through fiscal 2015.

This is not just a theoretical warning.

Federal information security has been on the high-risk list of the Government Accountability Office (GAO) since 1997, and the situation has only grown worse.

These statistics, at once sobering and alarming, were included in a GAO report presented to the President’s Commission on Enhancing National Cybersecurity this week. The report was in the form of a statement from Gregory C. Wilshusen, the GAO’s director of information security issues.

“Over the last several years, we have made about 2,500 recommendations to agencies aimed at improving their implementation of information security controls,” Wilshusen said. “These recommendations identify actions for agencies to take in protecting their information and systems. For example, we have made recommendations for agencies to correct weaknesses in controls intended to prevent, limit, and detect unauthorized access to computer resources. … However, many agencies continue to have weaknesses in implementing these controls, in part because many of these recommendations remain unimplemented. As of September 16, 2016, about 1,000 of our information security–related recommendations have not been implemented.”

Ineffective cyberprotection “can result in significant risk to a broad array of government operations and assets,” he added.

Press secretary Jamal Brown of the Office of Management and Budget (OMB) responded by saying that “cybersecurity is one of the most important challenges we face as a nation. Over the last nearly eight years, federal agencies have made significant progress in strengthening their overall cybersecurity posture. Yet, as cyber threats continue to evolve and grow, we must remain vigilant in our efforts to combat them.”

Among of those efforts was release of a first-ever cybersecurity workforce strategy and implementation of the Cybersecurity National Action Plan, which established the commission that heard Wilshusen’s statement.

“GAO’s recommendations to the commission are important and welcomed,” Brown said.

These examples from Wilshusen show how broad that array can be: “Sensitive information, such as intellectual property and national security data, and personally identifiable information, such as taxpayer data, Social Security records, and medical records, could be inappropriately added to, deleted, read, copied, disclosed, or modified for purposes such as espionage, identity theft, or other types of crime.”

In June 2014, the Office of Personnel Management announced that personal information, including Social Security numbers, belonging to 22 million federal employees and others had been hacked. That is the largest announced cybertheft but far from the only one. The private sector also has been repeatedly hit by cyberthieves.

“These threats come from a variety of sources and vary in terms of the types and capabilities of the actors, their willingness to act, and their motives,” Wilshusen said. “For example, advanced persistent threats — where adversaries possess sophisticated levels of expertise and significant resources to pursue their objectives — pose increasing risks.”

In a March report to Congress, the OMB linked the rising number of cybersecurity incidents to “an increase in total information security events and agencies’ enhanced capabilities to identify, detect, manage, respond to, and recover from these incidents.”

Although the report indicates that about 40 percent of the GAO’s recommendations have not been implemented at any one time, in an interview, Wilshusen said the government’s long-term record is significantly better. Within four years, 88 percent to 90 percent of the recommendations are followed, he said by phone. “Over time,” he added, “the agencies do a pretty good job of implementing our recommendations.”

The GAO offered several recommendations, including strengthening oversight of government contractors that provide information-technology services. That was a lesson learned the hard way through the OPM breach.  In 2014, the GAO found that five of six selected agencies “were inconsistent” in their oversight of contractor cyber controls.”

https://www.washingtonpost.com/news/powerpost/wp/2016/09/22/federal-cyber-incidents-jump-1300-in-10-years/?utm_campaign=EBB%209.23.16&utm_medium=email&utm_source=Sailthru

 

Federal Agencies Challenged in Attracting Tech Startups

Standard

small-business-and-far

“NATIONAL DEFENSE MAGAZINE’

“Entrepreneurs and innovators in commercial industry are just as patriotic as those who work in the traditional defense industry. They’re not comfortable on the long lead time and very long development cycles.

They are not comfortable inside the Federal Acquisition Regulations.

Startup companies and young entrepreneurs were largely absent from the Air Force Association’s air, space and cyber conference this week, an issue that came to a head Sept. 21 during a discussion among the Air Force’s top officers.

To speed the acquisition of commercial technologies and bring new companies into the fold, Defense Department leaders have been reaching out to firms in technology hubs such as Silicon Valley, Boston and Austin. But the AFA conference in National Harbor, Maryland, one of the most prominent annual defense industry expositions, was dominated by traditional contractors that have been doing business with the Pentagon for decades.

A panel of four-star and three-star general officers was asked by an audience member about the notable absence of the non-traditional companies that defense officials have been courting.

“Why would you expect to see a millennial at the opera?” said Gen. Ellen Pawlikowski, commander of Air Force Materiel Command. “By that I mean the forum that’s here for AFA and the booth concept is not the environment that the entrepreneurial community that … we engage with is one that they come to.”

“It’s not of interest to them,” she added. “That’s not their culture.”

The Defense Department will have to court them, not the other way around, she said. Pentagon officials must make a concerted effort to meet them on their turf, she noted.

“We have to reach out to the forums and to the venues that they go to,” she said. “That will put some of us out of our comfort zone that we’re used to participating in, but that is the way we have to draw them in.”

Secretary of Defense Ashton Carter has made several high-profile trips to Silicon Valley and other centers of innovation. Last week, the Pentagon chief attended a TechCrunch Disrupt conference in San Francisco, where he tried to persuade cyber technologists to work for or do business with the Defense Department

At a venue where a Pentagon official wearing a business suit looked like a fish out of water, Carter fielded tough questions. Some, including one about marijuana use, would be considered way out-of-left-field if they had been asked at a traditional industry conference.

Pawlikowski noted that she attended a venture capitalist conference in Los Angeles focused on space issues, with positive results.

“After I finished, I had about a dozen venture capitalists come up to me wanting [me] to know that they had entrepreneurs that were interested in getting involved in this business and [asking] how could they get involved” with the Defense Department, she said.

But the Pentagon’s acquisition process sometimes causes headaches for those involved in outreach efforts to non-traditional industry and startup companies.

Air Force Materiel Command has made a concerted effort to draw in commercial firms with small business innovative research funding, Pawlikowski said.

“What we found though that is if we just leave it up to our usual devices of going out and putting out, ‘Here’s our topics we’re interested in,’ we will get shall we say the more traditional small business” to respond, she said.

“It doesn’t necessarily attract the entrepreneurial business base as a general rule,” she added. “In fact, sometimes our definition of a small business actually makes it hard for that entrepreneurial business base to participate, because if a venture capitalist invests in an entrepreneur then they no longer qualify as a small business, for example.”

Gen. Paul Selva, vice chairman of the Joint Chiefs of Staff, echoed concerns about the hurdles thrown up by the often cumbersome acquisition process.

The Pentagon has been pursuing different paths of engagement, he noted.

“What we have to do and what we have been doing is trying to nurture relationships with those small companies by placing bets and asking them hard questions and giving them some time to chew on them,” he said.

They’re wiling to give their intellect to the questions we’re willing to ask,” he said. “We just have to find an environment that they’re comfortable operating in.”

http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=2311