Georgia Tech Procurement Assistance Center

Contractors get more time to meet new security regs

By

securitUS DoD logoThe Defense Department has given contractors two years to meet new requirements for securing sensitive DoD data on non-Federal IT systems, responding to industry concerns over moving too quickly to the new standards.

The New Defense Federal Acquisition Regulation Supplements (DFARS) were supposed to go into effect Dec. 31. But DoD backed off its initial plan after industry objections surfaced last fall.

The new DFARS was published in August 2015 to reflect the “urgent need to increase the cyber security requirements” on information held by contractors, said DOD spokeswoman Lt. Col. Valerie Henderson.

The new rules require contractors to comply with National Institute of Standards (NIST) Special Publication 800.171 to protect Controlled Unclassified Information (CUI).

The 77-page document establishes a streamlined set of controls drawn from the much larger Special Publication 800-53, a 462-page catalog of NIST security controls developed for federal IT systems.

Keep reading this article at: https://www.govtechworks.com/protecting-sensitive-government-info-on-contractor-networks

Contractors to give GSA IT security plans

By

The General Services Administration will require vendors to provide information technology security plans detailing how they are meeting federal cyber regulations under a new rule published on Jan. 6, 2012.

GSA said that changes are will apply to IT contracts awarded after Jan. 6, 2012 and that contractors must submit their IT security plans within 30 days of the contract award.

The plan should detail the processes and procedures the contractor will follow for “appropriate security of IT resources… used under the contract.”

GSA said it will use this information to verify that IT data and systems are effectively secured from unauthorized users. GSA will also inspect prime contractors’ and subcontractors’ facilities and IT systems.

Both prime and subcontractors will submit written proof of IT security authorization six months after the award in order to verify the validity of their security plan. The required plans and proposals will be included in IT contract solicitations.

— by Katelyn Noland, ExecutiveGov, on Jan. 6, 2012 at http://www.executivegov.com/2012/01/contractors-to-give-gsa-it-security-plans/

 

Security contract could top $1 billion; should contain small business opportunities

By

The State Department is opening a competition potentially worth more than $1 billion to provide a variety of security services, from screening for explosives to improving the protection of technical equipment.

The department’s Bureau of Diplomatic Security is overseeing the initiative, which would take the place of a contract awarded to Siemens Government Services in 2005. That deal expires in 2011.

Ashley Bergander, manager of federal programs with government contracting market analysis company FedSources, said she anticipates an aggressive competition.

Siemens “obviously has an advantage because they’re the incumbent,” she said. “But just in the kind of [tight budgetary] environment the government’s in right now . . . I think that it’s kind of a fair game for anyone.”

Though the actual contract value will depend on awards, Bergander said looking to the past contract suggests the new version could very well be worth more than $1 billion. The original contract was initially capped at $550 million, she said, but that total was adjusted and current spending on the contract has topped $1 billion.

Alexander Rossino, a principal analyst with Input, a firm that studies the government contracting market, said it’s likely — but not yet fully clarified — that the program will be split into several contracts, providing more shots for contractors. Some work could be set aside for small businesses, and there will certainly be subcontractor opportunities for smaller companies.

Hundreds of companies that use Input have marked the program of interest, according to Rossino.

“It looks like it’s going to end up being a contract that combines standard security operations — [like] setting up security barriers — [with] also implementing security systems,” said Rossino, who added that the contract could have a cybersecurity element. However, he cautioned that State Department officials have been tight-lipped about the initiative.

The security market — and particularly providing security services overseas — is considered less susceptible to budget cuts.

For contractors, “it would be good to get your foot in the door with the Department of State because there is going to be more growth in that kind of area,” said Bergander.

— by Marjorie Censer – The Washington Post –  January 3, 2011

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More