Category Archives: Business

Logistics Support is on the Rise – Air Force Awards Nearly $1B to Upgrade Landing Gear on Older Aircraft


910th Airlift Wing maintainers install a new C-130 main landing gear tire in 2014. (U.S. Air Force photo/Tech. Sgt. Jim Brock).

“DOD BUZZ”

“The Air Force plans to drop some serious cash to upgrade the landing gear on some of its oldest aircraft.

The service has awarded a contract to AAR to overhaul the landing gear on its C-130 Hercules; KC-135 Stratotanker; and E-3 Sentry airborne warning and control system, or AWACS, fleets, according to an announcement.

AAR, an Illinois-based aviation services company, recently landed a $909.4 million fixed-price contract from the service for landing gear performance-based logistics, the company said in a release.

AAR will provide “total supply chain management,” including “purchasing, remanufacturing, distribution and inventory control to support all Air Force depot and field-level, foreign military sales, other services, and contractor requisitions received for all C-130, KC-135 and E-3 landing gear parts,” the release states.

“We are excited to get started on this important contract for the Air Force,” said Nicholas Gross, senior vice president of AAR’s government supply chain solutions, in a statement. “Serving as the prime contractor, AAR will support these three fleets utilizing our Landing Gear Repair and Overhaul center in Miami [Florida], as well as our supply chain network across the country.”

AAR also has offices and warehouses in Wood Dale, Illinois, and Ogden, Utah.

The work comes at a time when landing gear malfunctions have become more common, especially in older aircraft such as the Hercules.

A maintenance team with the 386th Air Expeditionary Wing, based in Southwest Asia, recently worked to fix a C-130’s landing gear after a tire blew out on landing at a forward operating base — days before this reporter took a flight in a sister C-130 over Iraq.

The team’s combat metals airmen ended up creating and installing the damaged Hercules’ landing gear door to salvage the wheels’ cover.

The repair cost the Air Force “229 man-hours, $400 in material, and 264 rivets for an engineer-approved air battle damage repair procedure,” the service said.

In total, it saved $107,000 in replacement cost for the Air Force, according to a release.”

https://www.dodbuzz.com/2017/08/16/air-force-awards-nearly-1b-update-landing-gear-older-aircraft/

DIU(X) Pentagon Outreach Program To Tech Startups Is Here to Stay


DIU(X) Web Site:   https://www.diux.mil/portfolio

“BREAKING DEFENSE”

“DIU(X) has spent $100 million on projects from 45 companies. These are not traditional defense contractors but commercial tech companies, mostly small ones, backed by about $1.8 billion in venture capital.

The whole idea is to reach beyond the often stodgy military-industrial complex to the thriving, innovative tech sector, especially to start-ups that lack the time, connections, or specialized manpower to penetrate the defense procurement labyrinth.


How does Trump’s Defense Secretary feel about one of the Obama Pentagon’s more controversial ideas, the outreach to tech start-ups known as DIU(X)?

“I don’t embrace it,” Jim Mattis told reporters en route to Silicon Valley yesterday. “I enthusiastically embrace it, and I’m grateful that Secretary Carter (Ash Carter, Obama’s last SecDef) had the foresight to put something in place to anchor the Department of Defense out there.”

“I want to see results. I want to see what they’re doing with their location and the ideas that they’re bringing, they’re harvesting — what are we getting out of it?” Mattis continued when pressed by a skeptical press. “Absolutely, I want to see them in their mission. I’m not coming out here questioning the mission.” (Emphasis ours).

Mattis’s embrace of this Obama-era idea is just the latest sign that there’s a lot more continuity at the Pentagon in some policy areas than President Trump’s Twitter barrages would suggest. Trump blasted the F-35 stealth fighter; Mattis committed to continued production. Trump called NATO “obsolete” and said South Korea should pay for US missile defenses; Mattis reached out to allies. Trump campaigned on pledges of a Reaganesque defense buildup; his actual budget proposal has been modest. Trump promised new Navy ships and Army units; Mattis has prioritized better training and maintenance for the forces we already have. Trump said he’d made US nuclear forces stronger but they’re actually still shrinking under Obama-era arms control treaties. All modernization to nuclear delivery systems was started under Obama.

In this context, Mattis keeping his predecessor’s Defense Innovation Unit (Experimental) isn’t so surprising. Congressional Republicans have been ambivalent about DIU(X), which has offices in three strongholds of Democrat-leaning techies: Palo Alto, Austin and Boston. (Note the persistent attacks by the far right on Google and other tech companies.) House Armed Services chairman Mac Thornberry has worried aloud that DIU(X) duplicates longstanding high-tech efforts such as DARPA.

One of Work’s last acts, on July 14, was to give DIU(X) new legal authorities. One of the most significant is rapid hiring authorities that let DIU(X) bypass cumbersome federal regulations and bring tech experts onboard in as little as a day. (Similar authorities have been proposed in Congress.) Another expanded the unit’s ability to set up Cooperative Research & Development Agreements (CRADAs) with private companies. Still other authorities gave DIU(X) new abilities to advertise, run prize competitions, host conferences, all methods of getting geniuses’ attention for its projects.”

http://breakingdefense.com/2017/08/diux-is-here-to-stay-mattis-embraces-obama-tech-outreach/

What has DIU(X) done to deserve more money and power? The unit’s signature achievement so far is new planning software for Air Force flight operations previously run with Microsoft Excel and markers on whiteboards. The new software cost $1.5 million, but by scheduling sorties more efficiently, it will save an estimated $131 million a year in fuel and maintenance for tanker aircraft, DIU(X) says. The DIU(X) project also delivered in 120 days what a multi-year, $745 million dollar Air Force program could not.

Other DIU(X) contracts range from robotic sailboats (“saildrones”) to collect data on the ocean – vital for naval planning – to military simulations derived from commercial games.

All told, after a rough start which prompted Carter to reboot the unit, DIU(X) has spent $100 million on projects from 45 companies. These are not traditional defense contractors but commercial tech companies, mostly small ones, backed by about $1.8 billion in venture capital. The whole idea is to reach beyond the often stodgy military-industrial complex to the thriving, innovative tech sector, especially to start-ups that lack the time, connections, or specialized manpower to penetrate the defense procurement labyrinth. [UPDATE: Mattis also visited Google on Friday, but the tech giant has been leery of military contracts.] This strategy lets the military ride a train whose locomotive is massive private investment the Pentagon doesn’t have to pay for.

Now Mattis is publicly embracing this approach. In the words of a press release the Defense Innovation Unit (Experimental) put out to celebrate the secretary’s visit, it looks like “DIU(X) is here to stay.”

http://breakingdefense.com/2017/08/diux-is-here-to-stay-mattis-embraces-obama-tech-outreach/

Northrop Grumman Expanding Grand Forks, North Dakota Unmanned Aerial Systems Facility


Photo: Northrop Grumman

“NATIONAL DEFENSE MAGAZINE”

“Less than a year after Northrop Grumman opened the doors to its new unmanned aerial systems facility in North Dakota, the company will soon break ground on a new hangar to conduct testing and maintenance on its family of autonomous systems.

The company expects to employ 100 people by the end of 2017, with a mix of current Northrop employees coming from San Diego and other locations, and new hires from the North Dakota area.

The Grand Sky Park, for which Northrop Grumman is the anchor tenant, hosts several commercial tenants with ties to unmanned aerial systems, including General Atomics, Hambleton said. Northrop committed over $10 million to the initial Grand Sky project, and its initial 36,000 square-foot facility was completed in late 2016.

The company in April announced the opening of its new facility at the Grand Sky Unmanned Aerial Systems Business and Aviation Park near Grand Forks. The facility serves as a “nucleus” for research and development, pilot, operator and maintainer training, as well as operations and mission analysis and aircraft maintenance, according to Northrop.

Before the end of the summer, Northrop will start work on a new hangar that will allow it to take advantage of the proximity of Grand Forks Air Force Base’s remotely piloted aircraft squadron, David Hambleton, Grand Sky program manager and site lead, said in an interview with National Defense.

Northrop leased 10 acres of land from the Air Force to build the recently opened facility and the 35,000 square-foot hangar, which is expected to be complete by the end of 2018, he said. Flight testing and aircraft maintenance for the company’s family of autonomous systems will begin by the following year, he added.

The company’s facility in North Dakota will be an “offshoot” of its autonomous systems division in San Diego, California, he said. “In one place, we have access to both civil and restricted airspace [and] opportunities to collaborate with the universities nearby” such as the University of North Dakota and North Dakota State University, he said.

The Grand Sky team will have the ability to link different capabilities “through a modeling and simulation backbone,” he added. “We’ll be able to tie together system testing in a lab with monitoring mission data as it comes in, connecting to training simulators and linking them together in a technical way to enable new ways to doing what, in the past, we’ve done independently or separately.”

The FAA-designated Northern Plains unmanned aerial systems test site is also located in Grand Forks, and the Air Force’s fleet of RQ-4 Global Hawk unmanned surveillance aircraft, produced by Northrop, is based next door, he noted.

“Having all of these capabilities and infrastructure concentrated here makes Grand Sky a desirable place for us to pursue flight testing and system demonstration,” he added.

Northrop expects to perform flight testing and maintenance for the Global Hawk fleet at Grand Sky, but also intends to support other unmanned systems such as the Navy’s forthcoming MQ-4C Triton surveillance aircraft or the MQ-8 Fire Scout reconnaissance helicopter, he added.

Northrop committed over $10 million to the initial Grand Sky project, and its initial 36,000 square-foot facility was completed in late 2016, he added.

The local community and the state of North Dakota were interested in developing the unmanned aerial systems industry in the Red River Valley region, he said. A group of local actors that included the University of North Dakota and Grand Forks County developed the Red River strategic alliance agreement.

“Northrop Grumman signed on to this agreement to promote the UAS industry,” he said. “That set the stage for the goal of creating… the Grand Sky aviation business park for UAS.”

http://www.nationaldefensemagazine.org/articles/2017/8/3/northrop-prepares-for-new-hangar-construction-in-north-dakota

Pricing Small Business Federal Government Service Contracts


Integrate Long-term Company Strategy With Short Term Proposal Pricing Objectives

INTRODUCTION

Small businesses entering or growing into federal contracting often struggle with developing a pricing approach. They must design a pricing structure to pass an audit and win competitively. A winning strategy for federal services contracting must involve a view of the horizon as well as the instant bid on the table.

If you are a small enterprise selling off-the-shelf commercial items under FAR Part 12 or marketing commercial products on a GSA schedule, you may be initially challenged by the government contracting venue. With persistence you will establish selling relationships through agencies and prime contractors. Your pricing challenge is minimal. A service contractor faces a far greater challenge in understanding the nature of government contract pricing and winning at it.

Strategic thinking must therefore be applied to structuring a government service contracting cost center in your company. It must involve long term planning and designing a business system as well as establishing rates and factors to bid new work.

LONG TERM COMPANY STRATEGY

Build a Business System With Pricing in Mind:

We have previously discussed the basics of small business government contracting business system design: Job Cost Accounting Basics

The structure of your pricing approach, from the cost element level through burdens, must use the same template as your job cost accounting and billing. The parallel mapping provides the consistency required to pass audits or get your billings approved on a service contract.

Please read the above article and its related references. Then design your processes recognizing the guidance there and applying it to your company organization and the way you produce your supplies and services.

Sculpt the DCAA Auditor

As you begin submitting government contracting proposals you will encounter your local DCAA audit office. They learn about your company by auditing your cost proposal rates, job cost processes and systems, billings and contract closeouts.

Keep in mind that in these encounters you are shaping the opinions of government personnel, opinions that will influence your future and be passed on in reports to contracting officers. Your unique company business system structure must be carefully explained to them against what they know best: their DCAA Audit manual and FAR Cost Accounting Standards:

DCAA Audits and Job Cost Accounting Systems

Protect Rate Information

Your fully loaded rates will appear on your GSA schedule in the public domain, in subcontracts from prime contractors and in data acquired under the Freedom of Information Act (FOIA) by competitors.

It is generally recognized by all industries participating in federal government contracting that internal overhead and G&A rates and the data that support them are proprietary data. The reason for the proprietary nature of rate data between companies is that in government work firms are teaming with each other exclusively on one project and competing against each other on additional contracts or projects at the same time.

Companies do not disclose the details of their rates to other companies and they do not expect to see another company’s proprietary rate information. So companies view each other’s rate information on a fully loaded basis, meaning the total of the base cost, any proprietary indirect cost and an agreed upon profit percent.

If a prime contractor requests that subcontractor proprietary rate information be supplied with a proposal, the detail should be double wrapped and the package stamped ‘Government Eyes Only’. The prime will then hand the package off to DCAA without opening it and receive only the fully loaded result of the burdened rate pricing.

For further information on intellectual property protection and protective markings on government contract proposals please see the following article:

Protecting Intellectual Property

Recognize Overhead and G&A Rates Are Critical

Assuming your competition pays a generally similar labor rate to their employees as you do and that fringe costs about the same for everyone, then overhead and G&A are what wins and loses contracts.

Please read the following articles carefully with regard to long range planning and setting your overhead and G&A rates:

FAR and CAS Compliant Systems

Provisional Indirect Rates

Keep in mind that if you are performing work inside a government facility the government will expect to be charged a lower overhead rate than if you were paying the space and occupancy costs and the light bill. This is normally achieved by establishing a separate cost center for “On site” (Internal to government quarters) work with lower overhead expenses applied to project direct labor dollars in that cost center.

Price Set Aside Contracts the Same as Full and Open Competitions

If you are a small business lucky enough to receive a sole source set aside contract under an 8(a) or HUBZone award, or if you are participating in limited competition under a small business set aside designation, use the same sharp pencil you use on the full and open market. Your goal is to compete for the long haul, and inflating estimates on particular jobs due to limited competition has an inflationary effect on your business as a whole.

Your company past performance is being constantly evaluated by the government and prime contractor community. Consistency attains and retains new business. You will eventually grow to the point where set asides and sole sourcing will no longer be available; prepare early.

Know the True Value of Your Proposal

Develop risk thresholds (ceiling and floor) for your bids. The ceiling is the price for which you can bid a job, perform to meet specifications and win. A floor is the lowest possible price for which you can accept a contract and survive.

Do not bid or be negotiated out of these thresholds. “Buying In” does not work and sacrificing the future of your company by “Low Balling” cost proposals and hoping to get well on scope changes later is dangerous.

In government contracting the only worse scenario than losing a contract is winning it, performing poorly (cost, schedule or technical) and getting a black eye on your company past performance record that takes a long time to go away.

Understand a Proposal Is the Opening Chapter, a Baseline for Your Contract

Your proposal represents an initial offer to a government agency or a prime contractor. Please read the following articles on how this baseline is initially set and controlled through the negotiation process and ultimately through careful contract management.

Project Baseline Management

Contract Negotiation

SHORT TERM PROPOSAL OBJECTIVES

Make Bid/No Bid Decisions Wisely

Conduct your bid/no bid decisions effectively. Please see the bid/no bid analysis process at the beginning of the following article:

Contract Negotiation

Be Conservative in Rough Order of Magnitude Pricing

A common government planning technique in the early phases of marketing is to ask questions, review and approve a company’s concept paper, and then informally request, for “planning purposes,” a rough order of magnitude (ROM) cost estimate.

If you provide a ROM be very careful. It tends to get cast in concrete in the customer’s mind, even though it is not the final, formal proposal. Make it conservative in cost content and schedule duration, then plan to beat it with your formal proposal.

If you are asked for a ROM, make sure you caveat it with a statement in your cover letter that it is for planning purposes only and is not a commitment on the part of your company. State that you will be happy to make a full formal proposal/commitment upon receipt of a formal RFP from an authorized contracting officer. Keep in mind that contracting officers are the only people who can commit the government:

Customer Relations

The government usually goes forward with the concept paper and the ROM for approval of the funding necessary for the job. The “Agency Higher Ups” either give the project personnel the approval to do a set aside or they require a competitive procurement.

You may want to read the following article on Statements of Work:

Contract Statement of Work and Technical Specifications

Know the Difference Between Firm, Fixed Price, Time and Materials and Cost Plus Contracting

During the solicitation and proposal process the contract type is specified.

Firm, Fixed Price (FFP) is the riskiest type of contracting and should be undertaken only when you have a definitive grasp of a precise statement of work with known variables and end products. You should have achieved similar work scope in the past or be delivering follow-on products and services that are mature in nature to undertake a firm, fixed price contract.

FFP is particularly risky in software development contracts or high technology programs pressing the state of the art. You will receive no more in the form of funding than your bid price on a firm, fixed price contract.

Time and Materials (T&M) contracting places the risk on the government and is suited to long term service contracts of a development nature. T&M may be contracted with fixed labor rates, making the hours and pass through materials and other direct costs the only variables.

Cost Plus (CP) contracting is the least risky of all contract types and you are assured of receiving every dollar of cost incurred under this type of contract.

The lower the risk to the contractor, the lower the negotiated profit rate you can expect, since the government considers risk the principal factor in profit negotiation.

For further explanation of contract types in more detail, please see the following article:

Government Contract Types

Develop a Price Profile of the Competition

Use a copy of your own forward pricing long range plan (LRP) to model your strongest competitors. Profile your best intelligence regarding their size, location, contract base and estimated overhead and G&A expenses. Then interpolate, from your knowledge of the market, their labor and fringe costs, as well as other direct costs as you prepare your proposal. Incorporate any unique approaches you estimate your competition may offer that impact cost.

Modeling Your Competition

Adjust your competitor cost model to perform “What If Analysis” during your risk assessment and proposal review process. For an example of an LRP cost model please see the Box Net Cube in the left margin of this site: Small Business Federal Government Contracting. It is Appendix B to the book, “Small Business Federal Government Contracting” and is available as a free download in Adobe format from the BOX in the right margin of the site.

Understand “Best Value” Source Selection

When the government declares a “Best Value” proposal award process, the agency will perform a weighted trade study of cost versus technical and management factors in reviewing proposals. They will announce the weight of each factor in relative terms within the solicitation so contractors can focus on the most important elements.

What best value means quite simply is that if you are the low price bidder you may not win. If a competitor proposes a superior technical and management approach, a higher weighted rating in those factors may offset an otherwise non-competitive bid price, resulting in an award. This is a fact you must keep in mind when preparing your own proposal. In short you must perform your own trade study on your own bid.

Past performance has also become a significant weight factor in proposal evaluations in recent years. To address this challenge, please see the following article:

Past Performance Challenge

A balanced proposal, with specific, heavy emphasis on government-designated weight factors and an economical, yet realistic cost/price usually wins. Offsetting weaknesses in any designated government weighted area by proposing excellence in other weighted areas is vital.

Beware of Unallowable Costs

Over the years the federal government has determined that certain costs cannot be allowed in prices, cost reimbursements or settlements under contracts with the US Government. The government is unwilling to pay for these costs as direct charges to federal government contracts or through indirect expense pools applied to federal government contracts.

A company is not prohibited from incurring unallowable costs, but they cannot be recovered either directly or indirectly under federal government contracts. To manage unallowable costs, separate accounts must be established for these types of expenses and they must not be priced directly into federal government contracts during the proposal process.

Such costs cannot be made a part of the expense pools which are applied to federal government contracts through an overhead, material handling or G&A cost allocation at accounting period close or during forward pricing rate planning. For more detail on unallowable costs please see the following article:

Unallowable Costs

Integrate Pricing With Technical and Management Approaches

Establish price targets as soon as possible for major tasks, evolve a program plan, or, if you are bidding a T&M, IDIQ type program, develop a sample work order for a typical representative effort.

As the technical and management proposals move toward completion, use established checkpoints to evaluate the efficiency of your cost estimate, escalation factors, labor, material and other direct costs. Then apply your indirect rates and subject your total proposal to a credibility check with regard to a believable cost estimate considering your solution and its time frame.

Run your competition price model and bring in some outside experts to review the end product proposal “Cold” before it is submitted.

Manage Best and Final Offers (BAFO) Carefully

Most government solicitations require a format and terms and conditions with submission that permit contract award without further discussion. However, many involve a down-select process, briefings by those selected in the “Competitive Range”, a call for best and final offer (BAFO) or negotiation to achieve a final price.

The best and final offer period is a sensitive time. Most contracting agencies that call for a BAFO will cite weaknesses or concerns in the selected contractor proposals. They wish to hear about solutions to those weaknesses during BAFO briefings and require a re-submitted offer to correct them. The price may be adjusted as well and that is a key consideration. Pay particular attention to the way the BAFO instructions and concerns, specific to your down-selection, are worded. Look for hints that indicate critical opinion about your pricing, and then adjust your costs.

Consider the cost, schedule, technical and past performance implications of the BAFO request letter from the government and revise your proposal by the required submission date. Close the loop on all matters with your suppliers, subcontractors and prime contractors, and then conduct your briefing to the customer when it is scheduled. Present a united front to win. Your price should be your best. You will not be offered another chance to bid competitively on that program.

On some procurements you may be asked to undertake additional discussions to determine final contract pricing. Please see the negotiation template at the following article for guidance on that process:

Government Contract Negotiation

SUMMARY

This discussion has conveyed how pricing should be a natural outgrowth of the organization structure, market strategy, competitive analysis, business system design and long range planning.

We have further explained how your long and short term pricing factors should be integrated with the management and technical elements of any given proposal. Take the long and the short view of your business by integrating long-term company strategy with short term proposal objectives.

Senate Attempt to Reduce Contract Protests Ignores Root Cause


Sour Grapes Image:  Myislandcity.net

“WASHINGTON TECHNOLOGY” By Stan Soloway

“There are things that can be done to reduce the negative effects and frequency of protests. And they start with enhanced transparency—before, during and after award.

The current Senate proposal fails to consider protests in the context of the broader procurement regime and its innumerable government-unique requirements.”


“When it comes to federal procurement, the frequency and expectation of protests has had a palpable, costly, and sometimes deleterious effect on the process and those competing in it. Most companies now add an extra six to 12 months to their revenue projections in order to account for possible protests.

There is good reason to believe (including surveys) that “low price/technically acceptable” (LPTA) procurement strategies are, with some frequency, driven by a desire to avoid protests, since protesting such procurements is near impossible.

And, of course, there have been cases where incumbents, having lost a re-competition, submit a protest and, as a result, effectively get a contract extension while the protest is decided.

All of these represent unintended and undesirable impacts of the protest process. As a result, many have believed for some time that significant remedial action is needed. This includes the Senate Armed Services Committee, which, for the second year in a row, has included provisions in the defense authorization bill that would require losing protestors to reimburse the government for the costs of a protest when none of the plaintiff’s allegations are sustained.

The legislation would also require the withholding of all profits from incumbent contractors who lose a recompetition and file a protest. The funds would only then be released if some portion of the protest is sustained. If it is fully rejected, the money would be paid to the company that won the competition over which the protest was filed.

Some, including my friend and former federal procurement administrator Steve Kelman would go even further. He has at times argued we should consider doing away with protests altogether since no such equivalent exists in the commercial sector. Unfortunately, sympathetic as I am to the issues driving these views, we are putting the cart before the horse.

First and foremost, we have to remember that protests exist principally to ensure that the outcome of a procurement is in the best interests of the taxpayer. Hence, when mistakes are made, it is in the government’s, and taxpayer’s, interest to take corrective action.

Second, the federal acquisition regulation makes clear that all bidders on a federal procurement must be treated fairly. To the extent the government fails to follow its own rules or stated procurement strategy, remediation is required. There is no such requirement in the commercial world.

Third, even if a protest is dismissed in its entirety one cannot make the leap to assuming nefarious intent on the part of the protestor. That’s like saying everyone who loses a lawsuit was being frivolous in filing it. Obviously that’s not always the case.

For these reasons, and more, the Senate language is the wrong answer. But that does not mean a problem doesn’t exist and that some meaningful action is not possible. Quite the contrary.

Ironically, the proposed legislation includes a crucial part of the answer. In addition to the provisions cited above, it would also mandate quality, detailed debriefings for all significant procurements.

We learned in the 1990s that good debriefings result in far fewer protests. In fact, the data is clear that many companies use the protest process as a means of discovery; of trying to understand why they lost a given competition. In the years immediately following the added emphasis on debriefings, the number of protests dropped significantly.

As but one good example, the IRS had a policy of sharing in a debriefing all information that might otherwise be released during a formal protest (with appropriate redactions). And they executed numerous, significant procurements without a single protest. To its credit, the Senate committee would require that the IRS’s debriefing policy become the norm.

The bill would also require release of the government’s internal, written source selection criteria, which could and should be done anyway. Taken together, these two important steps toward greater transparency could have a very substantial effect. It should also be noted that the IRS was also particularly good in its pre-award communications to bidders, which undoubtedly also facilitated effective and credible competitions. Yet, such communications remain all too inconsistent.

Assigning motive is always a slippery slope. And much of what we think we know remains based on presumption rather than good data. Thus, it would also be helpful if there were better data on the frequency and nature of incumbent protests. How often are they actually sustained, in whole or in part? Is it possible to measure the frequency with which incumbents file protests focused on issues that, while valid, are so minor they would not result in a changed outcome?

Yes, it could reduce the number of protests. But it might well do so for the wrong reasons and based on the wrong assumptions.”

https://washingtontechnology.com/articles/2017/07/25/insights-soloway-bid-protests.aspx

About the Author:

Stan Soloway

Stan Soloway is a former deputy undersecretary of Defense and former president and chief executive officer of the Professional Services Council. He is now the CEO of Celero Strategies.

$9.29 Billion In F-35 Fighter Contract Awards to Lockheed in July 2017

F-35As at Luke Air Force Base

“BREAKING DEFENSE”

“[Friday, July 27, 2017] – A $3.69 billion contract was awarded Lockheed Martin for 50 foreign F-35s and work on the Lot 11 LRIP.

Separately, Lockheed won an interim payment of $5.6 billion in early July to help pay for the 91 American F-35 jets in LRIP 11.”


“After the markets closed on a sleepy and rainy summer Friday afternoon, White House Chief of Staff Reince Priebus was ousted and DHS Secretary John Kelly named to take his place, and, oh, by the way, a $3.69 billion contract was awarded Lockheed Martin for 50 foreign F-35s and work on the Lot 11 LRIP.

What’s in play here?

Most of the money, $2.2 billion, goes to buy one British F-35B, one Italian F-35A, eight Australian F-35As, eight Dutch F-35As, four Turkish F-35As, six Norwegian F-35As aircraft, and 22 F-35As for Foreign Military Sales customers.

The F-35 Joint Program Office said the Pentagon would continue to negotiate the 11th low rate initial production contract with Lockheed Martin and expected an agreement by the end of 2017. The full contract should be finished by the end of the year, the JPO said in a statement. At the same time, they said they are negotiating a separate deal with Pratt & Whitney for the F135 engines, which should be done about the same time.”

http://breakingdefense.com/2017/07/one-big-f-35-contract-2-8b-of-3-7b-for-foreign-planes/

Flush Times for Hackers in Booming Cyber Security Job Market

A recruiter advertises a QR code to attract hackers to apply for jobs at the Black Hat security conference in Las Vegas, Nevada, U.S. July 27, 2017. Joseph Menn

“REUTERS”

“One of the outside firms that handle such programs, HackerOne, said it has paid out $18.8 million since 2014 to fix 50,140 bugs, with about half of that work done in the past year.

Mark Litchfield made it into the firm’s “Hacker Hall of Fame” last year by being the first to pull in more than $500,000 in bounties through the platform, well more than he earned at his last full-time security job, at consulting firm NCC Group.”


Reporting by Joseph Menn and Jim Finkle; additional reporting by Dustin Volz; Editing by Jonathan Weber and Grant McCool

The surge in far-flung and destructive cyber attacks is not good for national security, but for an increasing number of hackers and researchers, it is great for job security.

The new reality is on display in Las Vegas this week at the annual Black Hat and Def Con security conferences, which now have a booming side business in recruiting.

“Hosting big parties has enabled us to meet more talent in the community, helping fill key positions and also retain great people,” said Jen Ellis, a vice president with cybersecurity firm Rapid7 Inc, which filled the hip Hakkasan nightclub on Wednesday at one of the week’s most popular parties.

Twenty or even 10 years ago, career options for technology tinkerers were mostly limited to security firms, handfuls of jobs inside mainstream companies, and in government agencies.

But as tech has taken over the world, the opportunities in the security field have exploded.

Whole industries that used to have little to do with technology now need protection, including automobiles, medical devices and the ever-expanding Internet of Things, from thermostats and fish tanks to home security devices.

More insurance companies now cover breaches, with premiums reduced for strong security practices. And lawyers are making sure that cloud providers are held responsible if a customer’s data is stolen from them and otherwise pushing to hold tech companies liable for problems, meaning they need security experts too.

The non-profit Center for Cyber Safety and Education last month predicted a global shortage of 1.8 million skilled security workers in 2022. The group, which credentials security professionals, said that a third of hiring managers plan to boost their security teams by at least 15 percent.

For hackers who prefer to pick things apart rather than stand guard over them, an enormous number of companies now offer “bug bounties,” or formal rewards, for warnings about vulnerabilities that leave them exposed to criminals or spies.

In the old days, “The only payout was publicity, free press,” Litchfield said. “That was the payoff then. The payoff now is literally to be paid in dollars.”

There are other emerging ways to make money too. Justine Bone’s medical hacking firm, MedSec, took the unprecedented step last year of openly teaming with an investor who was selling shares short, betting that they would lose value.

It was acrimonious, but St Jude Medical ultimately fixed its pacemaker monitors, which could have been hacked, and Bone predicted others will try the same path.

“Us cyber security nerds have spent most of our careers trying to make the world a better place by engaging with companies, finding bugs which companies may or may not repair,” Bone said.

“If we can take our expertise out to customers, media, regulators, nonprofits and think tanks and out to the financial sector, the investors and analysts, we start to help companies understand in terms of their external environment.”

Chris Wysopal, co-founder of code auditor Veracode, bought in April by CA Technologies, said that he was initially skeptical of the MedSec approach but came around to it, in part because it worked. He appeared at Black Hat with Bone.

“Many have written that the software and hardware market is dysfunctional, a lemon market, because buyers don’t know how insecure the products they purchase are,” Wysopal said in an interview.

“I’d like to see someone fixing this broken market. Profiting off of that fix seems like the best approach for a capitalism-based economy.”

https://www.reuters.com/article/us-cyber-conference-business-idUSKBN1AD001

Pentagon Product Acquisition Focus Must Be On Requirements Document

“DEFENSE NEWS” By Gen. John Michael Loh (retired)

“The most important, yet most overlooked product in the defense acquisition system is a succinct operational requirements document.

The Defense Department’s acquisition process is so overloaded with Office of the Secretary of Defense as well as Joint Staff bureaucracy, unqualified personnel, multiple reviews and councils, and duplication of the service’s requirements organizations, the requirement gets lost.”


“The operational requirements document, or ORD, is the foundation of the acquisition process from concept development through system development.

That series of processes — the Joint Capabilities Integration and Development System, or JCIDS — in place since 2003, adds little value and never focuses on the ORD as the centerpiece.

In fact, the requirements document isn’t called the “requirements document” in JCIDS. As the lengthy JCIDS process proceeds at a snail’s pace, what substitutes for a requirements document goes by various names like “initial capability document,” then, the “capability development document,” then the “capability production document,” without having a clear owner for each. An end-to-end ORD just doesn’t exist in JCIDS.

Instead of the top-down, JCIDS-based requirements process, the requirements process should be bottom-up with single ownership by the service’s major operating commands throughout. Putting together and managing an airtight, bulletproof ORD should be the first priority and main focus of activity during concept development leading to milestone one. After milestone one, the ORD should stay in the forefront of every decision and remain unchanged. That is the way the system worked before JCIDS.

We need to learn from the past and get back to basics in the acquisition system starting with the requirements process. From the start of the F-15 and F-16 programs in the early 70s through the F-22 start in the late 80s, concept development began with small, smart teams working together from the operating and developing commands; understanding the need; conducting trade-off analyses to assess risk and cost, in continuous dialogue, producing a requirements document unfettered by top-down micromanagement or wall-to-wall reviews and nitpicking.

The teams were manned by smart operators from the major operating command, who understood the capability needed, and by technical experts from the development command, who understood the state of the art and the risk to go beyond it. They worked in harmony in horizontal dialogue, not having to go through vertical chains of command to communicate with each other, as is the case today. Nor did the Pentagon interfere.

This process worked to produce remarkably well-constructed ORDs in less than a year in most cases. The ORD, approved by the operating and development command, went directly to the service chief and secretary for validation, then to the Joint Requirements Oversight Council, which made sure it included joint service support.

Typically, the work in the Pentagon took less than six months to validate the requirement and put it on the street to industry. The key was the work done by the small teams, freed from bureaucratic tyranny and micromanagement by non-experts.

The ORD served as the main product and basis for the system specification, request for proposals and the source selection process. It kept discipline in the acquisition system throughout all pre-full-scale development milestones.

However, building small, smart teams is essential but difficult. Experience and expertise are prerequisites. Experts in development command teams must know technical and cost risks, and have a working knowledge of operational matters. Experts in the operational command teams must know threats and concepts of operations, and a working knowledge of acquisition matters. But, these experts must be trained and educated for their roles.

Today, particularly in the major operating commands, the officers defining requirements are good operators but not expert in the requirements business. To make matters worse, the responsibility for defining requirements has been subordinated in many operational commands under the plans and programming functions.

Many things need fixing in the defense acquisition system. Reform should start with eliminating JCIDS and returning to what worked — making the ORD the foundational document and driving force in acquisition programs created by small, smart teams from the responsible commands in the services. The result will be an acquisition cycle that is years shorter than JCIDS, and systems that meet needed capabilities on cost and schedule.”

https://www.defensenews.com/opinion/2017/07/26/defense-acquisition-focus-on-the-requirement-document-not-the-process-commentary/

About the author: (wikipedia)

“John Michael Loh (born March 14, 1938) is a retired four-star general in the United States Air Force who last served as Commander, Air Combat Command from June 1992 to July 1995. His other four-star assignments include being the 24th Vice Chief of Staff of the Air Force from June 1990 – March 1991, and Commander, Tactical Air Command from March 1991 – June 1992.”

https://en.wikipedia.org/wiki/John_M._Loh

NASA Seeks Certified 8(a) Minority-Owned Contractors for $100M Headquarters IT Contract

“WASHINGTON TECHNOLOGY”

“NASA has kicked off the bidding on a potential five-year, $100 million contract for IT services at the agency’s headquarters in Washington.

Only small businesses with the 8(a) designation are eligible to compete for the Headquarters Information Technology Support Services III contract. The agency posted a request for proposals on July 18 and responses are due Aug. 18.

A selected contractor will provide integrated IT, systems engineering, operations and IT-related management support services to mission directorates and mission support offices at NASA’s headquarters. The solicitation also calls for management of a cloud infrastructure program in a managed computing environment at headquarters.

HITSS III has one base year with four one-year options and is the successor contract to HITSS II won by Digital Management Inc. in 2012. Media Fusion Inc. also is an incumbent contractor through a task order awarded against a GSA Schedule contract, according to Deltek.

HITSS II expires on Sept. 30 and has a potential five-year value of $177 million. Deltek estimates NASA has spent approximately $145 million over that contract’s lifespan.”

https://washingtontechnology.com/articles/2017/07/25/nasa-8a-it-hq-rfp.aspx

Whistleblower Hotlines: A Valuable Tool

Photo: iStock

“NATIONAL DEFENSE MAGAZINE”

“An effective ethics reporting tool, implemented as part of an ethics and compliance program, can help an organization detect and resolve potential misconduct issues.

It can also help support a culture of integrity and responsibility within the workplace.

Misconduct in the workplace can be devastating. The Association of Certified Fraud Examiners’ “2016 Report to the Nations” estimates that, on average, organizations lose 5 percent of revenue per year due to fraud and other misconduct.

Many organizations have implemented active and deliberate misconduct-detection processes. “Active” means that a person, or an internal control method, has been put in place and is instrumental in looking for fraud and other misconduct. Compare that to “passive” detection, in which the organization learns of unethical activity only after the fact or by accident.

How does an ethics reporting tool, such as a whistleblower hotline, fit in? It could be labeled a “passive” tool because fraud or other misconduct is often reported after it has happened. However, an ethics reporting tool can help to shed light earlier on misconduct that might otherwise continue for any length of time and cause more damage.

Knowing about misconduct sooner enables an organization to put a stop to it earlier. According to the report, the median duration of fraud prior to detection is about 18 months. For smaller organizations, early detection could mean the difference between surviving or going out of business.

A whistleblower hotline doesn’t just help bring fraud to the forefront. Other types of misconduct commonly reported using these systems are harassment, discrimination, workplace health and safety violations, alcohol/drug abuse, violence in the workplace, and conflicts of interest — to name a few.

Once an ethics program has been implemented, it needs to engage every employee, from the top down. It can’t just exist as window dressing.

Senior management needs to be committed to the ethics program and sincere about sharing their commitment with employees. Employees learn acceptable workplace behavior by taking cues from leadership. If management doesn’t believe in the ethics program and model leading with integrity themselves, employees are not likely to use the reporting tool to report any unethical conduct.

Employees may also be skeptical about coming forward to report perceived misconduct. Many people are concerned that even if they do make a report, no corrective action will be taken. But the biggest fear for employees is retaliation by co-workers and management. Ethics program best practices, as well as regulatory standards, call for ethics hotlines to ensure confidentiality for employees who report concerns and offer the option for anonymity.

External third-party ethics hotlines, which often include a case management database, can help. Third-party programs provide the ability for management and the reporter to communicate with each other about the allegation securely, within the system, enabling management to gather more information while protecting the whistleblower’s identity. This ensures a more thorough investigation of the alleged misconduct, getting to the bottom of any serious issues sooner, before they escalate.

Customizable third-party whistleblowing systems allow companies to create a program that is best suited to meet the needs of their organization, regardless of industry. They log and date stamp every report and allow management of each case to closure.

The ability to include a company’s national or global locations as part of the reporting process enables all incidents to be funneled into the one system in an organized manner.

Every industry has its own unique risk concerns and customizable third-party systems help management spot and track issues and trends, no matter the location, the department or the issue.

If they are not comfortable talking with their supervisor, a whistleblower wants to know where they can go to report ethical concerns and remain anonymous. An anonymous hotline removes many of the obstacles to reporting inappropriate behavior and gives employees, suppliers and vendors the ability to raise genuine concerns about illegal or unethical behavior.

Ethics hotlines also reduce the risk of individuals going outside the organization with their concerns, potentially damaging an organization’s reputation and causing further financial harm.

Every employee wants to know that his or her voice matters in the organization. That’s why encouraging a speak-up culture is important. Employees want to know they are part of the success of the company. Encouraging them to speak up about wrongdoing and showing them that their concerns do matter and are taken seriously creates more motivated employees who truly want to participate in the company’s future.

Many companies believe they are too small to warrant an ethics reporting system. There’s a belief that there’s too much complexity and work involved. But putting in extra upfront effort to set up a customizable program that is right for the company is well worth it when the result is more open communication, happier employees, reduced risk, and future growth and success.

When an organization implements a confidential and anonymous third-party ethics hotline, it lets employees and stakeholders know that it is serious about adherence to its code of conduct, it takes all reports of misconduct seriously, and it does not tolerate retaliation towards anybody reporting perceived misconduct.

If company leaders truly want to promote a speak-up culture, and give employees a safe place to come forward to report ethics and compliance concerns, then one of the best ways is to provide employees security and comfort of anonymity and confidentiality via a whistleblower hotline.”

http://www.nationaldefensemagazine.org/articles/2017/7/17/whistleblower-hotlines-a-valuable-tool