Georgia Tech Procurement Assistance Center

Small businesses preferred in DoD’s search for innovative technology to support nation’s security

By

The Department of Defense (DoD) is accepting — until May 3, 2016 — white papers as part of a Broad Agency Announcement (BAA) for the Fiscal Year 2016 Rapid Innovation Fund (RIF).  RIF facilitates the rapid deployment of innovative technologies as a part of military systems or programs that address critical national security needs.  DoD is seeking mature prototypes for final development, testing, evaluation, and integration under this program, and awards may be as much as $3 million with two years to perform the work.

RIF places a preference on technology proposals from small businesses, and small businesses may choose to collaborate with universities, large businesses, and other small businesses.

Topics of interest include areas identified by DoD as operational or national security needs, or technologies that will accelerate or enhance military capability or support a major defense acquisition program.  Proposals should indicate how the proposed solution:

  • stimulates innovative technologies,
  • reduces acquisition or lifecycle costs, or
  • addresses technical risk.

A broad range of requirements are covered.  Examples include:

  • sensor fusion data systems;
  • unmanned aircraft system command and control, software test suites, and multi-unmanned aircraft systems;
  • enhanced forensic analysis methods;
  • advanced technologies for lighter weight, better performing, and soldier protective equipment;
  • lightweight and portable power generation and storage systems;
  • affordable Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) technologies;
  • additive manufacturing technologies;
  • enhanced space situational awareness;
  • advanced data analytics;
  • cybersecurity;
  • medical informatics and telemedicine; and
  • counter-unmanned aircraft system capabilities.

Due Dates: An amendment to the RIF that provides answers to questions posed to date will be posted on FedBizOpps by April 15, 2016.  Proposals consisting of a three-page white paper and quad chart are due by 3:00 PM (EDT) on May 3, 2016.  Invitations to submit full proposals are expected by September 15, 2016, and awards are anticipated by January 3, 2017.

RIF Schedule

Total Funding and Award Size: Total funding available for RIF awards is $250 million in FY 2016.  In previous years, about 2,000 white papers were submitted, and of those submitted between 150 and 200 were asked to submit full proposals.  About 100 awards were made annually, primarily to small businesses, and teams led by small businesses, at an average of $2.1 million.  Awardees are given 24 months to complete their funded efforts.

Eligibility and Limitations: The competition is open to all businesses and academic institutions capable of satisfying the government’s needs.   Emphasis is placed on source selection of technologies from small businesses or teams with small business participation.

Sources and Additional Background:

Contractors get more time to meet new security regs

By

securitUS DoD logoThe Defense Department has given contractors two years to meet new requirements for securing sensitive DoD data on non-Federal IT systems, responding to industry concerns over moving too quickly to the new standards.

The New Defense Federal Acquisition Regulation Supplements (DFARS) were supposed to go into effect Dec. 31. But DoD backed off its initial plan after industry objections surfaced last fall.

The new DFARS was published in August 2015 to reflect the “urgent need to increase the cyber security requirements” on information held by contractors, said DOD spokeswoman Lt. Col. Valerie Henderson.

The new rules require contractors to comply with National Institute of Standards (NIST) Special Publication 800.171 to protect Controlled Unclassified Information (CUI).

The 77-page document establishes a streamlined set of controls drawn from the much larger Special Publication 800-53, a 462-page catalog of NIST security controls developed for federal IT systems.

Keep reading this article at: https://www.govtechworks.com/protecting-sensitive-government-info-on-contractor-networks

Pentagon unveils new rules requiring contractors to disclose data breaches

By

New sweeping defense contractor rules on hack notifications took effect August 26, 2015, adding to a flurry of Pentagon IT security policies issued in recent years.

ombThe Office of Management and Budget proposed guidelines to homogenize the way vendors secure data government-wide. The Defense Department had already released three other policies that dictate how military vendors are supposed to handle sensitive IT.

Now, industry, which is already concerned about overlapping and burdensome cyber rules, worries the Pentagon will go back and retroactively change contracts, after the White House draft is finalized.

pentagon-sealThe new Pentagon regulations for “Network Penetration Reporting and Contracting for Cloud Services” cover more types of incidents and more kinds of information than past policies. The guidelines also apply to a broader swath of the contracting community.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2015/08/pentagon-tries-harmonize-contractor-data-breach-rules/119498

What are your odds of getting a security clearance?

By

Is it easy to get a security clearance? It depends on who you ask.

Among the uncleared population there sometimes is a misperception that anyone can get a clearance, based on the millions of clearance-holders out there. In 2013, Director of National Intelligence James Clapper criticized the size of the cleared workforce in a memo that called for reducing the number of individuals with access to intelligence. Recently released figures show a 12 percent decline in the size of the cleared workforce.

Those who have gone through the security clearance process understand the significant headaches involved in both the initial background investigation as well as periodic reinvestigations. Obtaining a security clearance is no easy task, and not everyone who applies will be granted access.

To see a full-size infographic on the value of a security clearance, visit: http://www.clearancejobs.com/files/infographic.html.
To see a full-size infographic on the value of a security clearance, visit: http://www.clearancejobs.com/files/infographic.html.

Keep reading this article at: http://www.govexec.com/excellence/promising-practices/2015/05/what-are-your-odds-getting-security-clearance/113362/

Contractors could get new rules for handling sensitive government data

By

Private sector government contractors may soon be subjected to new rules for managing sensitive federal information.

The National Institute of Standards and Technology (NIST) recently published draft requirements for federal and nonfederal groups with access to “controlled unclassified information” — a subset of confidential information that, while not classified, must still be protected. The Commerce Department agency is accepting public comments on the draft until May 12, 2015.

These requirements are meant to supplement rules under the Federal Information Security Management Act, which governs how federal agencies (and contractors, on their behalf) manage their own data in their own information systems, according to NIST fellow Ron Ross.

The new guidance aims to cover situations not explicitly mentioned in FISMA — for instance, when state and local governments, colleges and universities, or private organizations happen to receive federal CUI data through a contract or an agreement.

Keep reading this article at: http://www.nextgov.com/big-data/2015/04/nist-refining-rules-non-federal-groups-handling-federal-data/109399

What new cyber standards mean for federal contractors

By

The White House on Wednesday issued voluntary cyber standards aimed at defending key private networks essential to U.S. society – but it could be years before the benefits are noticeable.

While optional for industry, it is expected that the guidelines — which encourage reporting data breaches to the government — will be required for federal contractors.

Government suppliers say they felt involved in the development of the standards and are satisfied that their flexibility will not be burdensome. That same flexibility has given some security observers pause, however, over concerns that “critical infrastructure” industries, like the energy and medial sectors that sustain daily living, will remain vulnerable.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2014/02/what-obamas-new-cyber-standards-mean-federal-contractors/78713/

Five provisions in the new defense policy legislation for contractors to watch

By

[Note: Contractor compensation, the acquisition process, personnel security, cloud computing, and cyber security are five issues recently identified by The Washington Post as especially significant to government contractors.  The following article provides details.]

With the military policy legislation known as the National Defense Authorization Act signed by the president over the holidays, contractors are looking for the changes that matter to them. We’ve singled out five measures that will be of interest to companies that work with the federal government.

Keep reading this article at: http://www.washingtonpost.com/business/capitalbusiness/five-provisions-in-the-new-defense-policy-legislation-for-contractors-to-watch/2014/01/03/f6dd00ec-6c10-11e3-a523-fe73f0ff6b8d_story.html 

DoD enacts rule on excluding contractors based on supply chain risk

By

The Defense Department may now officially exclude contractors or subcontractors from receiving information technology contracts based on the risk their supply chain poses to national security systems.

The authority comes from earlier national defense authorization bills and it expires in September 2018. In an interim rule published Nov. 18 in the Federal Register, DoD says the authority applies to the acquisition of any IT product or service, including commercial items, so long as the contractor in question operates a supply chain that poses a significant risk to a particular national security system.

Although the clause permitting the DoD to exclude contractors will now be a part of all defense IT contractors, the interim rule notes that it can apply only to national security systems, and then only to items “the loss of integrity of which could result in a supply chain risk to the entire system.”

Keep reading this article at: http://www.fiercegovernmentit.com/story/dod-enacts-rule-excluding-contractors-based-supply-chain-risk/2013-11-21

SAM registrations and updates suspended until Mar. 25th

By

The federal government’s on-line vendor database, the System for Award Management (SAM), is temporarily shut down for purposes of accepting new registrations and updating existing vendor registrations.

The General Services Administration (GSA), SAM’s administrator, says that vendor registration in SAM will again be available on Monday morning, March 25, 2013.

GSA gave notice of this temporary suspension of access to vendor records on SAM’s home page at https://www.sam.gov.  In a notice posted there, GSA said:

  • “Some components of SAM.gov are temporarily unavailable. Users will not be able to register a new entity or update an entity record until Entity Management is available at 9:00 a.m. on Monday, March 25. GSA currently is strengthening security measures to protect user information. The security of SAM registrants’ information is a top priority for the agency and we will continue to ensure the system remains secure.”

On March 15, 2013, GSA notified, via email entitled “SAM Security Incident,” all existing SAM registrants of a potential security breach.  In that notice, GSA told vendors:

  • “The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA.
  • “Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels.
  • “Immediately after the vulnerability was identified, GSA implemented a software patch to close this exposure.  As a precaution, GSA is taking proactive steps to protect and inform SAM users.
  • “The data contained identifying information including names, taxpayer identification numbers (TINs), marketing partner information numbers and bank account information. As a result, information identifiable with your entity registered in SAM was potentially viewable to others.
  • “Registrants using their social security numbers instead of a TIN for purposes of doing business with the federal government may be at greater risk for potential identity theft. These registrants will receive a separate email communication regarding credit monitoring resources available to them at no charge.
  • “In the meantime, we wanted you to be aware of certain steps that all SAM users may want to take to protect against identity theft and financial loss.
  • “Specific information is available at www.gsa.gov/samsecurity.  If you would like additional background or have questions, you may call 1-800-FED-INFO (1-800-333-4636), from 8 a.m. to 8 p.m. (ET), Monday-Friday starting Monday, March 18. We recommend that you monitor your bank accounts and notify your financial institution immediately if you find any discrepancies.
  • “We apologize for any inconvenience or concern this situation may cause. We believe it is important for you to be fully informed of any potential risk resulting from this situation. The security of your information is a critical priority to this agency and we are working to ensure the system remains secure. We will keep you apprised of any further developments.”

GSA’s March 15th email to vendors was signed by Amanda Fredriksen, Acting Assistant Commissioner, Integrated Award Environment.

There have been system implementation issues associated with SAM ever since its launch in July 2012.  Counselors with the Georgia Tech Procurement Assistance Center (GTPAC) continue to make themselves available to vendors encountering SAM registration problems.  We have identified a number of remedies to assist Georgia businesses in the registration pr0cess.  For vendors located outside the state of Georgia, please be advised that there are procurement technical assistance centers (PTACs) located across the country who stand ready to assist businesses with SAM and other government contracting issues.  To find the PTAC nearest you, please visit: http://www.aptac-us.org/new/Govt_Contracting/find.php.

For more background on SAM implementation, please visit: http://gtpac.org/tag/sam/

 

Report: Slight decline in 2011 contractor clearances from previous year

By

The number of security clearances held by contractors slightly declined in 2011 compared to 2010, according to Fierce Government.

Citing a report from the Office of the Director of National Intelligence, Molly Bernhart Walker wrote 4.86 million individuals held a clearance as of Oct. 1, 2011, with nearly 1.17 million of them contractors.

The previous year, 1.07 million contractors out of 4.71 million held a clearance.

Keep reading this article at http://www.executivegov.com/2012/07/report-slight-decline-in-2011-contractor-clearances-from-previous-year/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+execgov+%28Executive+Gov%29.

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More