NIST looking for a Small Cybersecurity Business – Do you qualify?

The National Institute of Standards and Technology (NIST) is looking for a small business to assist with the creation of privacy and cybersecurity standards that will apply to federal agencies. Additionally, NIST hopes to gain assistance with the development and modeling of software and applications for various tools, including the National Vulnerability Database.(Nextgov March 29, 2021)

The sources sought notice posted on beta.SAM.gov states, “with a new and re-energized national emphasis on information security, the NIST Information Technology Laboratory’s (ITL) Computer Security Division (CSD) is uniquely positioned to ensure that new technology initiatives are selected, deployed, and operated in a manner that does not increase the risk to organizational missions, individuals and the Nation.” (ibid)

“NIST expects the requirements of its mission to expand and anticipates the need for support in meeting these requirements. The support needed to ensure a successful mission ranges from internal programmatic support to technical expertise and research consulting in a wide range of cyber and information security areas.” (ibid)

Do you qualify for the cybersecurity SINs? Give us a call.

Higher federal procurement standards for IT providers – Are you ready?

The White House is spearheading an interagency endeavor concentrating on software development that will determine federal procurement of information technology (IT). In the coming weeks, vendors can expect to see new IT security standards, governmentwide. This comes after many tech companies complained that the effort under the Trump administration limited the import of information and communications technology from “foreign adversaries.” While leaving the definition of the term “foreign adversary” up to the Commerce Secretary. In addition, the rule as it stands today is broad and raises concerns over due process.

The SolarWinds breach will ultimately raise the bar on vendor security, banning tech from many countries, not just China. It also focuses on vendors and the possibility of vulnerability disclosure policies that encourage reporting weaknesses in their products. Ultimately, vendors providing IT products and services to federal agencies must have the proper level of cybersecurity in place.

Cybersecurity and Infrastructure Security Agency Acting Director Brandon Wales said agencies are working together to ensure consistency in the government’s approach to supply chain security across the Commerce Department rule, an executive order aimed at removing foreign adversaries from the bulk power sector. Wales also said, “the administration is counting on higher federal procurement standards to elevate security across the private sector as well.”

Are your IT products compliant? Give us a call.

 

 

Alliant 2 is Out/Polaris is In

After a year of protests and federal court hearings, the Government Accountability Office has canceled its $15 billion Alliant 2 Small Business contract. GAO is calling the replacement contract “Polaris.” A GSA spokesperson said, “Polaris will not only guide small businesses through the federal market, it will also help GSA customer agencies through the acquisition of IT service-based solutions, and give GSA a chance to improve our offerings and set the agency on a solid course for the future.” (GSAblogs.gsa.gov, October 1, 2020)

Administration sees the industrial base broadening by:

  • Pricing Strategy: GSA plans to increase its pool of qualified small businesses that serve federal agencies. GSA will employ Section 876 of the Fiscal Year 2019 National Defense Authorization Act, allowing contract awards to qualifying contractors without consideration of prices for hourly services. Focus on price competition ultimately takes place at the task order level.
  • On-ramps: Allows for an expanded industrial base as technology changes and for vendors to be considered on the GWAC following an initial award period.
  • Opportunity Expansion: An increased opportunity for HUBZone and woman-owned businesses.
  • Embracing Technology to Maximize Efficiency: Polaris will provide agencies with access to emerging technology providers, especially those offering artificial intelligence, automated technologies, blockchain, 5G implementation, cybersecurity, and cloud. (ibid)

The vendor evaluation strategy will be similar to that used in the Veterans Technology Services 2 and Alliant 2 contracts. Both were guided by industry comments. FAS may utilize an online proposal submission tool to speed up Polaris contract awards, as well as a modified evaluation strategy. (Federal Computer Week, October 5, 2020)

Questions about the Polaris evaluation strategy and how your company might do business on the platform? Give us a call.

Can Alliant 2 Be “Newer, Better” ?

GSA has finally put us all out of our Alliant 2 Small Business misery. Last week they canceled the acquisition contract. The original award was wrought with confusion, protests, and court disputes, so cancellation isn’t that surprising. (Nextgov, July 2, 2020)

However, GSA promises that the small business IT instrument will live on in a newer, better solicitation. Keep your eyes peeled for the larger and newly structured solicitation. No word yet on the release date of the new solicitation. (ibid)

Laura Stanton, acting GSA Assistant Commissioner for the Office of Information Technology when announcing the cancelation said, “The needs of our customer agencies, small business partners, and industry partners are rapidly evolving, GSA is committed to finding ways for our GWACs to reflect the current IT marketplace so that we can maximize the opportunities for small and women-owned, HUBzone, service-disables veteran-owned, and 8(a) small businesses to contract with the government for cybersecurity, emerging technology, and IT supply chain risk management needs.”

Stanton also said, “we are working to expand the number of master contract awards to highly qualified small businesses on our GWACs, while focusing on technology requirements that support our customer agencies for future mission success.” (ibid)

Questions about the cancellation and or the upcoming solicitation? Give us a call.

More COVID-19 Guidance

Last week the Office of Management and Budget (OMB) updated its agency guidance for federal contractors, as a response to the COVID-19 pandemic. The three main takeaways are:

  • Agencies are encouraged to work with their contractors to allow for the maximization of telework.
  • Agencies must be flexible providing extensions to performance dates if working virtually isn’t possible or if a contractor must quarantine. Agencies should also weigh whether to keep key personnel in a mobile-ready state for national security measures.
  • Agencies are urged to leverage the special emergency procurement authorized in connection with the emergency declaration under the “Stafford Act”. These include increases to: the micro-purchase threshold; the simplified acquisition threshold; and the threshold for using simplified procedures for certain commercial items. These are designed to reduce discord for contractors, especially small businesses, allowing for a more rapid response to the increasing demands agencies face. (Nextgov, March 22, 2020)

The agency guidance comes after trade groups and lawmakers strongly voiced the need for contractor guidance. The updated guidance includes a section of frequently asked questions, including contractor exposure to COVID-19. (ibid)

OMB also issued technology guidance for use during the COVID-19 national emergency. The technology guidance also includes a FAQ section, with steps to ensure IT and cybersecurity measures are met while working remotely. It urges agencies to continue updating their websites to enable public access to government services.

Need some help figuring out OMBs agency guidance for contractors? Give us a call.