Georgia Tech Procurement Assistance Center

People are key to securing the defense-industrial supply chain

By

Infiltrating the defense supply chain is one of the most insidious means by which attackers can compromise our nation’s communications and weapons systems.  Successfully targeting a single component of the defense industrial base can cause a ripple effect that can significantly impact everything from data centers to war fighters in theater.

The Department of Defense’s new “Deliver Uncompromised” security initiative is designed to tackle this problem at its root cause: third-party suppliers.  In essence, the DoD is requiring its suppliers to bake security into their applications from the beginning of the production process.  A “good enough” approach that just clears the bar for minimal security criteria is no longer good enough.  Security must be ingrained in the very fabric of the entire production process.

Continue reading at:  Fifth Domain

Weak links in the defense supply chain

By

Industry experts told Congress recently that poor awareness of federal cybersecurity contracting standards and a lack of visibility by contractors into their own supply chains are at the heart of problems that have led to widespread targeting and theft of U.S. economic and national security secrets by nation state hackers.

According to a survey of small and medium-sized defense contractors conducted by the National Defense Industrial Association, less than 60 percent of respondents said they read the Defense Federal Acquisition Regulation Supplement that lays out minimum security standards for contractor information systems, while nearly half of those who did said they found it hard to understand.

About 45 percent of respondents hadn’t read National Institute for Standards and Technology guidelines for protecting controlled unclassified information.

Keep reading this article at: https://fcw.com/articles/2019/03/31/defense-supply-chain-weak-links.aspx

See GTPAC’s video, template and other resources designed to help contractors comply with the DoD/NIST cybersecurity rules at: http://gtpac.org/cybersecurity-training-video/

DoD and other agencies seek to enhance contractors’ cyber and supply chain security

By

The Department of Defense (DoD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DoD contractors and subcontractors.

Other federal agencies, including the Department of Homeland Security (DHS), Commerce, and General Services Administration (GSA), are also considering or implementing measures to enhance cyber and supply chain security that will directly or indirectly affect government contractors and their supply chains.

These initiatives will intensify scrutiny of government contractors and subcontractors, increase their cyber and supply chain security compliance requirements, and affect their ability to compete for, and win, government contracts. This article summarizes these initiatives and states our view that, despite the proposal and likely adoption of a comprehensive new Federal Acquisition Regulation (FAR) cybersecurity clause next year, federal government contractors and subcontractors are likely to face multiple, overlapping, and possibly conflicting cybersecurity and supply chain requirements for some time to come.

Keep reading this article at: http://www.mondaq.com/article.asp?articleid=767144

See GTPAC’s video, template and other resources designed to help contractors comply with the DoD/NIST cybersecurity rules at: http://gtpac.org/cybersecurity-training-video/

DoD makes supply chain risk management a permanent performance metric

By

On Sept. 19, 2018, the U.S. Department of Defense (DoD) issued a corrected Class Deviation 2018-O0020, to remove the sunset provision in DFARS 239.73, “Requirements for Information Relating to Supply Chain Risk,” that was due to expire on Sept. 30, 2018. The deviation is effective immediately.

This new deviation implements Section 881 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019. Section 881 made the requirements for supply chain risk management under DFARS 239.73 permanent by placing its authority under a statute (10 U.S.C. § 2239a). This reauthorization reflects the continual efforts by Congress and the DoD to increase oversight on contractors supply chain and use risk management as a metric for contract performance.

DFARS Subpart 239.73, along with its contract clauses DFARS 252.239-7017 and DFARS 252.239-7018, places a significant onus on contractors to investigate its own supply chain to minimize and mitigate any perceived security risks. Failure to meet the requirements of the regulations creates significant risk to a contractor.

  • First, there is an explicit requirement in DFARS 252.239-7018 requiring contractors to actively mitigate supply chain risk during performance of the contract. However, the clause provides no additional information or standard to what is considered adequate mitigation.
  • Second, there is an implicit incentive for contractors to ensure that their supply chain is risk-free because the contractor is not the only entity to investigate risks in its supply chain. DFARS 252.239-7018 provides the government with an incredible oversight capability by permitting it to consult both public and non-public information, including all-source intelligence, to determine whether a contractor’s supply chain creates a risk.

Keep reading this article at: http://www.mondaq.com/article.asp?articleid=743224

Ports Authority, Georgia Tech, and Center for Innovation sign MOU to tap into advanced logistics planning

By

The Georgia Ports Authority, the Georgia Institute of Technology, and the Georgia Center of Innovation for Logistics signed a Memorandum of Understanding (MOU) on July 31 at the Port of Savannah that creates a new relationship aimed at supporting the state’s logistics industry in economic development, research, and education.

“For years, Georgia Tech has been honored to work together with the Ports Authority, Governor Nathan Deal’s office, and business and government throughout the state in logistics, transportation, manufacturing, and education to strengthen our State economy and create jobs,” said Georgia Tech President G.P. “Bud” Peterson. “We are pleased to further solidify this partnership to benefit Georgia’s transportation and logistics industry.”

The Georgia Ports Authority, the Georgia Institute of Technology, and the Georgia Center of Innovation for Logistics signed a Memorandum of Understanding (MOU) on Tuesday (July 31) at the Port of Savannah that creates a new relationship aimed at supporting the state’s logistics industry in economic development, research and education. Pictured are from left, Griff Lynch, executive director, Georgia Ports Authority; U.S. Rep. Buddy Carter, R-Georgia; G.P. “Bud” Peterson, Georgia Tech president; Jimmy Allgood, Georgia Ports Authority chairman; and Matt Markham, director of the Center of Innovation for Logistics.

The goal of the MOU is to bring advanced research, evolving global logistics trends, and analysis from the world to Savannah. By tapping into the hands-on expertise at GPA and the Center of Innovation for Logistics — as well as the high-tech analysis and research at Georgia Tech’s Supply Chain and Logistics Institute — cargo owners and third-party logistics providers will gain superior insight into everything from when and where to build infrastructure to improved efficiency in cargo routing.

“Georgia Tech’s Supply Chain & Logistics Institute has established logistics improvement partnerships in global trade hubs such as Rotterdam, Singapore, Shenzhen, and Panama,” said GPA Board Chairman Jimmy Allgood.   “I am delighted to announce that for their first such agreement with a port authority in the Western Hemisphere, they have chosen an organization that is in their own state of Georgia.”

Georgia Tech’s Stewart School of Industrial and Systems Engineering has been ranked No. 1 in the country for the past 28 years, and Georgia Tech is recognized as one of the leading research universities in the world.

Matt Markham, director of the Georgia Center of Innovation for Logistics, said the collaborative effort further strengthens the state’s position as an economic development leader.

“Most companies that choose Georgia as their home depend on its world-class logistics for their success,” Markham said. “Our new relationship builds on our center’s goal of providing company-specific analyses and facilitating connections between logistics providers and potential clients.”

The multi-modal network is designed to combine ocean, truck, rail, and air transportation to create optimal conditions for an easier and faster network. GPA Executive Director Griff Lynch said the initiative will allow the Georgia Ports Authority to continue growing its service area across the U.S. Southeast and beyond.

“We are excited to enter into this agreement between our organizations,” Lynch said. “The MOU leverages the Institute’s predictive analytics and supply chain optimization, the Center of Innovation for Logistics’ network of connections, and the GPA’s experience in the field as an industry leader.”

ABOUT THE GEORIA PORTS AUTHORITY:

Since 1945, Georgia’s ports have served as magnets for international trade and investment, enriching the state’s economy to benefit all Georgians. The Georgia Ports Authority is dedicated to providing customers with the most efficient, productive port facilities in the nation, and to creating jobs and business opportunities to benefit more than 9.7 million Georgians. The GPA is committed to maintaining its competitive edge through development of leading-edge technology, marketing and operations to move cargo faster. And, the Authority is working hard to identify what must be done today to sustain growth, performance and security for tomorrow.

ABOUT THE GEORGIA INSTITUTE OF TECHNOLOGY:

The Georgia Institute of Technology, also known as Georgia Tech, is one of the nation’s leading research universities — a university that embraces change while continually creating the next. The next generation of leaders. The next breakthrough startup company. The next life-saving medical treatment. Georgia Tech provides a focused, technologically based education to more than 25,000 undergraduate and graduate students. Georgia Tech has many nationally recognized programs, all top-ranked by peers and publications alike, and is ranked in the nation’s top 10 public universities by U.S. News and World Report. It offers degrees through the Colleges of Computing, Design, Engineering, Sciences, the Scheller College of Business, and the Ivan Allen College of Liberal Arts. As a leading technological university, Georgia Tech has more than 100 centers focused on interdisciplinary research that consistently contribute vital research and innovation to American government, industry, and business.

ABOUT THE CENTER OF INNOVATION FOR LOGISTICS:

The Center of Innovation for Logistics facilitates innovative logistics solutions that leverage Georgia’s superior business climate and enhance cargo-owing companies’ competitiveness. Exclusive to Georgia, the Center collaborates with companies that currently ship to or from Georgia, as well as those looking to locate in Georgia to deploy the world’s best multi-modal logistics for supply chain success. With targeted efforts to engage its unique position in state government with partnerships in the logistics industry, the Center provides impactful forums for companies to network, address industry issues, and share knowledge.

Source: http://www.news.gatech.edu/2018/07/31/gpa-georgia-tech-center-innovation-sign-mou 

DHS would get more power to bar risky contractors under dueling proposals

By

Two House Republicans are working on legislation that would expand the Homeland Security Department’s authority to deny contracts to companies that pose cybersecurity supply chain threats while the Trump administration is pushing an even more expansive proposal.

The bill in the House will be modeled on authorities Congress gave the Defense Department in 2011 that were implemented in 2015, said Rep. Scott Perry, R-Pa., who is drafting the bill with Rep. Peter King, R-N.Y.

Under those rules, Pentagon contracting officers can bar vendors that pose a security risk from competing for contracts before they’re awarded and halt contractors from hiring risky subcontractors after an award.

Under current Homeland Security Department rules, contracting officers working on unclassified contracts can’t bar vendors before an award based on information provided by intelligence agencies, Soraya Correa, the department’s chief procurement officer, who testified before two House Homeland Security panels last Thursday.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/07/dhs-would-get-more-power-bar-risky-contractors-under-forthcoming-bill/149675/

 

Cybersecurity — A big deal for contracting

By

Almost anyone in government, if not indeed the country at large, is aware of the security risks of the information systems we are now completely dependent upon.  And make no mistake — we are completely dependent upon them.

Technology has evolved to vastly augment our human capabilities. It has affected how we complete our daily work, conduct financial transactions, travel from one place to another and socialize with one another. Unfortunately, while the sophistication of the technology on our desks and in our homes, cars and carried about with us continues to rise, this sophistication is matched, if not exceeded by, the abilities of those who would do us harm.

It used to be that the protective physical barriers of our homes or workplaces — as well as the invisible barrier of “privacy” in our private lives — kept such people at bay. However, technology has also allowed such people to transcend and reach through such barriers, intruding into every aspect of our identities and personal or privileged information. Many of us have been “hacked” or tricked in one way or another into losing this data. “Cybersecurity” is a national security threat to the nation, and so far government response is still a work in progress.

In contracting, this issue is not technically new.

Keep reading this article at: http://fifthdomain.com/2017/05/17/cybersecurity-a-big-deal-for-contracting-commentary/

 

Georgia Tech Savannah hosts logistics seminar Aug. 18

By

Georgia TechJoin Georgia Tech faculty members Martin Savelsbergh and Natashia Boland to learn how Savannah’s multimodal supply chain can enable optimal use of resources while being more efficient and cost effective.

From rail, ship, storage, and truck, Georgia Tech’s professors will make innovative freight logistics ideas relatable to industry in Southeast Georgia.  Attendees will hear how trends in freight logistics optimization affect local supply chains.

This latest “Learners & Leaders” session will take place on August 18, 2016 at the Georgia Tech-Savannah campus.

Breakfast and networking begin at 7:30 a.m.  The program will run from 8:00 to 9:30 a.m.  The cost of the session is  just $15.

To register go to: https://pe.gatech.edu/courses/learning-series-collaborative-logistics-leveraging-savannah’s-assets-changing-environment

Here are descriptions of other upcoming “Leaders & Learners” sessions:

Making the Most of Coaching and Mentoring  –  September 15, 2016

Effective coaching and mentoring doesn’t follow a one-size-fits-all strategy. Each person has different skills, experiences, motivations, and professional and organizational circumstances, so perceptiveness and adaptability are paramount. In this session, you will learn about these guidelines as well as common considerations and roadblocks. Kevin Jackson, founder and president of EnviroVac Holdings, LLC, will share coaching stories and tips. David Paddison, president of Seacrest Partners, Inc., will discuss the power of mentoring. Those who are middle and upper management professionals who work for mid- to large-size companies, as well as those who are about to transition to management roles, will benefit from this session.

Innovation in Savannah – October 13, 2016

As an entrepreneur or business owner, you know the key to success is innovation. But moving from beyond the buzzword to actually implementing creative and successful ideas involves more than creative minds and good luck. This session will teach you about this iterative process and the history, and you’ll hear three local entrepreneurs talk about their visions, struggles and recommendations. Presenters will include Howard Morrison, advisor to entrepreneurs and catalyst for community development; Blake Ellis, CEO and founding partner of CommerceV3; and Yvonne Jouffrault, founder and chief product nerd at Tour Buddy Apps and entrepreneur-in-residence for the Advanced Technology Development Center, a technology incubator at Georgia Tech. Entrepreneurs, creative thinkers, middle and upper-management professionals who work for mid- to large-size companies, as well as those who are about to transition to management roles, will benefit from attending.

Internet of Things – What It Is, Why You Should Care, and How It can Boost Your Business – November 10, 2016

The Internet of Things (IoT) — such as connected devices, vehicles, buildings, appliances, and wearables — is a network of physical objects that is discussed constantly in the technical community. However, most business leaders know little about it. During this session, presenters Russ Clark, co-director of the Georgia Tech Research Network Operations Center, and Bill Eason, research scientist at Georgia Tech’s Institute for People and Technology, will demystify IoT for you. They’ll describe the incredibly rich, real-time customer and business operations data you can gather, as well as highlight fundamentals of IoT that organizations must think through. Professionals from small to mid-size businesses interested in how mobility and the Internet of Things can transform their business operations will benefit from this session.

Visit pe.gatech.edu/savannah-campus/courses/learning-series to register for any of these sessions.

Air Force wants contractors to rein in supply chain costs

By

The Air Force thinks it’s paying more for its goods and services than it should and wants to put pressure on its contractors to reduce costs in their supply chain.

Previously, when the Air Force negotiated contracts, much of it went to prime contractors, but now 60 to 70 percent of that is subcontracted, said the Air Force’s Deputy Assistant Secretary for Contracting Wendy Masiello.

“So we’re spending a lot more time understanding those supplier partnerships,” said Masiello at an April 16 Air Force Association breakfast. “It’s an area of expertise that you would hope the primes are starting to develop in order to manage those costs, but there’s often less motivation to be as stringent in those relationships. It’s often more about maintaining those suppliers as long-term partners.”

Keep reading this article at: http://www.fiercegovernment.com/story/air-force-wants-contractors-rein-supply-chain-costs/2014-04-20 

DoD enacts rule on excluding contractors based on supply chain risk

By

The Defense Department may now officially exclude contractors or subcontractors from receiving information technology contracts based on the risk their supply chain poses to national security systems.

The authority comes from earlier national defense authorization bills and it expires in September 2018. In an interim rule published Nov. 18 in the Federal Register, DoD says the authority applies to the acquisition of any IT product or service, including commercial items, so long as the contractor in question operates a supply chain that poses a significant risk to a particular national security system.

Although the clause permitting the DoD to exclude contractors will now be a part of all defense IT contractors, the interim rule notes that it can apply only to national security systems, and then only to items “the loss of integrity of which could result in a supply chain risk to the entire system.”

Keep reading this article at: http://www.fiercegovernmentit.com/story/dod-enacts-rule-excluding-contractors-based-supply-chain-risk/2013-11-21

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More