GSA's acquisition strategy for new contracting writing system surprises some vendors

By Jason Miller

August 12, 2019

A little over two weeks ago at an event hosted by AFFIRM, Alan Thomas, the commissioner of the Federal Acquisition Service at the General Services Administration, promised to have the acquisition strategy for a new contract writing system completed in a week or so.

Thomas’ group delivered on that promise, but the decision to move the Contract Acquisition Life-Cycle Management (CALM) system under the yet-to-be awarded IT services procurement vehicle known as COMET may have been a bit surprising.

Industry sources, who all requested anonymity in order to talk about a procurement they may be bidding on, say while in many ways it makes sense to move CALM under COMET, it’s also a decision that should’ve come more than a month ago and is a little frustrating.

Industry sources say some companies were planning on bidding on the contract writing system that could be a proof-of-concept for one that is eventually offered governmentwide. But those same companies may not have bid on the CIO Modernization and Enterprise Transformation (COMET) vehicle, but would’ve if they had known about GSA’s plan to not issue CALM as a standalone procurement or through another existing vehicle like Alliant 2.

Thomas confirmed the possibility that if successful, CALM could be expanded to other agencies during the AFFIRM event.

“I had this conversation with friends at the Office of Management and Budget. They said, ‘let’s do something for the whole government.’ I said, ‘that’d be great, but we don’t even use one thing for ourselves, and what we use is kind of old and all our folks are grumbling about it so I don’t want to sell that to somebody else,’” Thomas said. “My thought was let’s use ourselves and our 1,000 1102s [contracting officers] as the place to show how to do it and do it right, and from there, if it has applicability beyond that, great, we can talk about it. But we are not a credible provider until we are doing it ourselves.”

But GSA’s decision to compete the contract writing system on COMET makes it impossible for some vendors to bid on CALM now as a prime because the due date for proposals for COMET was early July.

GSA released the solicitation for COMET on June 18 with a goal of creating a multiple award blanket purchase agreement on top of IT schedule 70. GSA says it plans to make between 10 and 12 awards with at least 25% of them being set aside for small businesses. The BPA will ask vendors to provide a host of IT services, including operations and maintenance, cloud and the continued development and support of the acquisition systems portal called beta.SAM.gov. GSA plans to take a three-step approach to the evaluation of contractors, including an in-person technical challenge. In April, GSA issued the RFP for the first and much smaller part of COMET focused on architecture, engineering and advisory support.

GSA released a draft request for quotes for CALM on July 8, and held an industry day webinar Aug. 6 to announce its acquisition strategy.

The decision to use COMET for the contracting writing system seemed to come from the feedback GSA received on the draft request for quotes (RFQ). Responses also highlighted everything from the length of CALM — 10 years — to the need to clarify the cloud security requirements, to incorporating standards from the Unified Shared Services Management office.

Contract writing system timeline delayed

A summary of the themes that came out in the responses, which the agency gave to vendors at the webinar, said contractors were concerned about whether bidding on COMET would’ve precluded them from bidding on CALM.

“GSA stated that a shift toward utilizing the new COMET vehicle for the CALM procurement provides them the time to re-engage with industry and enable a more robust procurement,” said one industry source. “This is a great example of government taking a more holistic approach in order to more effectively plan for long-term needs.”

In the industry presentation, which Federal News Network obtained, GSA says “using COMET would reduce industry organization conflict-of-interest concerns; enable the purchase of a total solution (product and service); give CALM team more time to refine requirements and re-engage with industry on a revised draft CALM; and gives CALM a permanent home.”

GSA says CALM timeline will take 3-to-6 months longer, in part because GSA has to change the procurement to an agile task order from a blanket purchase agreement.

During the industry day webinar, GSA says it expects to award COMET in October and award CALM by winter 2020 with the first set of capabilities coming in spring 2020.

“I think it is the right move considering this is an effort to modernize their existing portfolio that is in scope for COMET. It also makes it easier for integration and also reduces overhead for GSA,” said a second industry source.

Thomas said CALM will replace the 35 to 45 different applications contracting officers use today to write and manage procurements.

“We have to have a similar core system that stores all our data and has a set of common business processes. We are working on that and it will be a big improvement for the workforce,” he said. “My tag line is there are only a few kinds of investments we can make in our people and one of them is we can put great tools in their hands. If we put great tools in their hands, they will go out and do a good job serving customers and the results will follow from there.”

CALM is expected to be one of those great tools that Thomas is referring to.

Over the next few months, GSA will send a second draft solicitation out for comment and feedback, and then finalize CALM’s acquisition strategy once it awards COMET.

Let’s hope GSA works closely with the other agencies who recently awarded contracts for contract writing systems, specifically the Navy and the Army. It’s less about using the same system and more about ensuring data and technology standards can be easily shared and integrated no matter the back-end systems.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

To view the original article click here.

GSA plans digital services overhaul

By Dave Nyczepir

July 24, 2019

The Federal Acquisition Service plans to consolidate its online presence and self-service tools for vendors and agencies beginning sometime in late 2019 or early 2020.

FAS calls the project the Digital Experience, and it intends to help the General Services Administration, its parent agency, comply with the 21st Century Integrated Digital Experience Act, or IDEA Act.

That law mandates agencies assess new or redesigned digital services — websites, forms and applications — and prioritize usability improvements based on impact.

“Right now what we have is a lot of tools that help people, and if you know where they are that’s great; you can get to them, and you can use them.” said Crystal Philcox, an assistant commissioner at FAS, during an AFFIRM event Wednesday in Washington, D.C. “If you don’t know where they are, it’s even hard to understand that they exist.”

GSA started a multidisciplinary implementation team made up of its Technology Transformation Services office and the offices of Customer Experience, Strategic Communication, Governmentwide Policy, and the Chief Information Officer. The team will evaluate whether digital services are accessible, needs-based, consistent in look, secure, original, searchable and mobile-friendly.

The 21st Century IDEA Act also requires agencies to file annual progress reports and move paper-based systems online.

Another goal of the Digital Experience project is to help contracting officers and business program personnel performing independent government cost estimates port data into GSA’s Advantage or eBuy systems — thereby making purchasing easier, Philcox said.

“We hope in the end that … we’re going to be able to carry some of the data through these tools,” she said.

Some agencies struggle with EIS transition

FAS Commissioner Alan Thomas also provided an update on agencies’ delayed adoption of Enterprise Infrastructure Solutions, a $50 billion contract allowing them to place task orders modernizing their information technology and telecommunications infrastructure.

GSA’s Office of Inspector General recently found FAS mismanaged a task order supporting the transition to EIS, overspending while contractor Redhorse Corp. made minimal progress and forcing a transition deadline extension.

Thomas said FAS had a performance review Wednesday afternoon, where agency transition readiness scores would be shared — “a mix of red, yellow and green.”

On the vendor side, of the nine primes on the contract only three have gotten authorities to operate (ATOs), Thomas said. Three more primes are “pretty close” to ATOs and should have them before the end of fiscal 2019 on Sept. 30 — the official deadline — while the final three may have them by the end of the calendar year.

“Some are going to make it,” Thomas said. “Some probably aren’t.”

To view the original article click here.

GSA to Complete Schedule Consolidation Activities by Year’s End

By Brenda Marie Rivers

July 25, 2019

The General Services Administration is continuing efforts to unify 24 schedules into one contract vehicle to support its goal of simplifying procurement procedures for agencies and offerors, FCW reported Wednesday. Alan Thomas, commissioner of the GSA Federal Acquisition Service, told attendees at an AFFIRM event that the FAS plans to complete transition activities and address “special cases” by the end of the year.

Last month, GSA issued a request for information on potential features of the consolidated schedule. The move comes as FAS continues its implementation of the $50B Enterprise Infrastructure Solutions contract vehicle, under which agencies must release solicitations by September.

To view the original article click here.

DoD is Inviting Companies to Participate in its Public-Private Talent Exchange

The U.S. Department of Defense (DoD) invites companies to participate in the 2020 DoD Acquisition Public-Private Talent Exchange Program. This six-month acquisition exchange program provides the opportunity for mid-career civilians from the private sector and government to gain a better understanding of each other's business operations and share innovative best practices.

Through the insights of both private-sector and DoD participants, companies will develop a better understanding of the needs and challenges of their government customers. Companies in the exchange will have the ability to implement these new insights and take a proactive approach to addressing present and future government challenges and creating innovative solutions to meet client needs.

A reciprocal approach will be used; there will be one government participant for each company participant. However, this is not a job swap. Each exchange participant will continue to be compensated by their employer throughout the duration of the exchange.

Please visit www.hci.mil/ppte.html for more information. Companies interested in participating may contact Ms. Aissa Tovar at ppte@hci.mil.


PPTESponsorshipFlyer_Industry.png

HUD will use second $5M transfer to move IT modernization initiative to production

By Jason Miller

May 13, 2019

The Technology Modernization Fund still has more than $35 million to “loan” to agencies, and the board is inching closer to making a third round of awards.

Maria Roat, the Small Business Administration’s chief information officer and member of the board, said about 12 projects are in the draft phase where the agencies are working the program management office to finalize their proposals.

“Several others also have come in for phase two where they are pitching their proposals to the board,” she said after the CFO-CIO Summit sponsored by the Association of Government Accountants and the Association for Federal Information Resources Management (AFFIRM).

Roat said during the panel discussion that the board received 50 proposals worth more than $500 million over the last year plus, reviewed 37 and funded seven so far.

        Insight by HID Global: State technology leaders from New York, Texas and NASCIO come together to address IAM's newfound popularity in this free webinar.

She said the board receives agency project details on Fridays and meets on Mondays to deliberate.

One of those projects that received funding was the mainframe modernization effort at the Department of Housing and Urban Development.

HUD’s loan now at $10 million

HUD deputy CIO Kevin Cooke said the agency received it second tranche of funding from the board in the last few weeks, another $5 million to go with the same amount it received last fall.

“All of the architecture work is done. We’ve built a prototype or pilot already to make sure there was no issues with the hundreds of thousands of lines of code to make sure it would work seamlessly. That was a big part of the proof of concept,” Cooke said in an interview after the panel. “The money will allow that jump into the actual projects, not just the proof of concept.”

Cooke said the first $5 million of the $20 million loan went toward making sure the mainframe modernization plan was sound.

“In order to get this done, there is some reverse engineering of the applications that are there to make sure as we change the platform the programs do not lose any functionality,” he said. “That was a big agreement that we had with them that during this period of time they would be up and running the whole time with their current systems, and this replatform would not cause them to lose any functionality. From that standpoint, it’s a good process, but it’s a slow process. It’s not like we are starting from scratch and you get to decide all the new interfaces and all the new APIs and ways of doing this. We are working closely with them. This allows us to continue on our trajectory on the project.”

        Say thanks by sending a free eCard through our May We Say Thank You campaign during Public Service Recognition Week.

HUD is modernizing seven different mainframe systems all of different sizes. He expects the agency to complete about 20 percent of the project by the end of 2019.

“You get smarter as you go along so it gets faster as you go,” he said.

And HUD needs to get smarter and faster because that loan is coming due. HUD has to start paying back the money to the TMF in mid-2020.

Energy project delays are over

Energy won $15 million in June to accelerate its move to email in the cloud and received $2.2 million so far.

Bryan Long, Energy’s deputy CIO, said the project is a little behind schedule because of a protest of its CIO Business Operations Support Services (CBOSS) contract, which it plans to use to move some 65 disparate email systems from laboratories and offices to the cloud.

CBOSS is a $2 billion single award blanket purchase agreement for a host of IT services. The Government Accountability Office rejected ActioNet’s protest and backed Energy’s decision to award the contract to Accenture Federal Services.

Accenture’s team includes Unisys, General Dynamics Information Technology (GDIT) and Red River.

“We are behind where we had hoped to be at this point, but we do have the project awarded now under our new IT project and it will be moving out,” he said. “There is no doubt this certainly will accelerate our shift to cloud email for the remaining on-premise email systems.”

While Roat declined to name which agencies are in the final stages, it’s clear agencies are interested in the TMF loans.

Officials from two of the current awardees, HUD and the Energy, said they have other projects proposals they want to send or resend to the board.

Cooke said the agency submitted three total proposals to the board last year and may send one of those back for a second review.

“One of ones we looked at was looking at our enterprise data management. There were so many different programs involved in that and one of the things we didn’t do is show the direct impact, not just more efficiencies, but it will be easier. When we talk about the ease around data analytics, business intelligence and reporting, those were outcomes that meant something to the department, but I didn’t think we did a good enough job of showing to the outside how much better that would be in terms of being able to look at our data more holistically across all of the 19 different programs that we had.”

Cooke said the project also would’ve taken too long to show a return on investment.

Long said Energy submitted four proposals to the board last year, including the idea to move to a desktop-as-a-service and an application rationalization effort. He said Energy has learned valuable lessons from its experience with the board.

“As you are looking at projects, you need to factor in what are the savings, where are they coming from and how quick are you going to accumulate them, and what’s that overall return on investment look like,” he said. “Will it take you five years or 10 years to recoup that money that you used to do the project. Those are some of the key things you have to evaluate.”

Audit of TMF project underway

While Cooke and Long both praised the benefits of the TMF because the loan is helping each agency move more quickly on their respective projects, both said they expect more oversight and attention to their programs.

Cooke said HUD’s inspector general recently began an audit of the project.

“You want to make sure you have enough people and the right people to support these projects. It’s very high profile. There are a lot of external eyes on it, and we chose it be because of how important it is to the agency so everybody has got to be focused on it,” Cooke said. “That’s something we would have to consider when we look at what we have in front us right now that we are doing, what spare capacity would we have” for an additional TMF funded project?

One of the most talked about and highest profile pieces to the TMF is how agencies will pay back the loan.

Long said Energy runs a fee-for-service model for its enterprise cloud email so that’s the way it will pay back the loan.

Cooke said HUD expects the costs of moving off the mainframe and into a modern architecture will pay for itself quickly.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

To view the original article click here.

First QSMOs are ‘proof points’ for new shared services model

By Dave Nyczepir

May 7, 2019

Moving agencies to integrated systems in accordance with the Office of Management and Budget’s new shared services policy won’t be easy, but the methodology is already being refined.

OMB released a memo on April 26 designating four initial agencies as hosts of quality service management offices, or QSMOs, charged with leading governmentwide adoption of common technology solutions.

Bigger, back-office lines of business like financial services and grants management were targeted first to best develop a replicable process for creating marketplaces, Margie Graves, U.S. deputy chief information officer, told FedScoop after speaking at the CFO/CIO Summit 2019.

“That’s why when you’re launching these — and I would call them proof points — it sort of lights the way because the flywheel moves faster after you get past those first few,” Graves said.

On the financial management side, the Department of Treasury and Department of Health and Human Services are the QSMOs for finance and federal grants, respectively. DOT “is a little better off” because it’s been experimenting with shared services for the past five years, said Tim Soltis, U.S. deputy controller, during the panel discussion.

Despite the progress, the finance side “is still going to be a challenge because you’ve got 24 agencies plus … around 40 systems, 19 other contracts that are maintaining the infrastructure of agency financial systems,” Soltis said. “Grants? Multiply that by 10; I mean that is going to be a major hassle to try and figure out just what the landscape is and where the lines are.”

OMB has been meeting with larger departments to figure out immediate needs and plan intermediate courses of action because, unlike with the last shared services policy memo in 2009, agencies won’t be kept waiting until a solution is ready perhaps a decade later, Soltis said.

“Everyone’s eyes glaze over when we talk about architecture,” Graves said. “But if we don’t do these plug-and-play, modular, Lego approaches to how we build these things and put them together, then we will always be in a situation where we will have to do the next hard thing.”

Gone are the days of agencies building their own, highly customized solutions that “no one else can use because it loses its license,” Soltis said.

Vendors of duplicative electronic invoicing, travel, payroll, and acquisition systems may “need to go out of business” because those systems are “built to not be interchangeable,” he added.

OMB isn’t done identifying new lines of business, and QSMOs for assisted acquisition, contract writing systems, customer experience, FOIA, travel, and real property management are forthcoming, according to the official website.

The biggest difference with the new shared services policy is governance and end state, Soltis said.

“Because the lines of business never had an end state,” he said. “It was only ever going to get to standardization.”

Click here for the original article.

AFFIRM’s ANNUAL LEADERSHIP AWARDS RECOGNIZE EXEMPLARY PERFORMANCE IN THE GOVERNMENT COMMUNITY

AFFIRM Contact:

Peg Hosky, AFFIRM Communications Committee

202-237-0300

peg@hosky.com

www.affirm.org

Washington, DC, May 1, 2019 — The Association for Federal Information Resources Management announced the government and industry leaders selected to receive the  AFFIRM Leadership Awards.  Coinciding with the 40th anniversary of this government / industry non-profit focused on improving technology’s impact on citizen’s lives, the awards celebrate the achievements of America’s best.

The AFFIRM Leadership Awards are among the most prestigious of the Federal community, honoring individuals and teams for their outstanding leadership over the preceding year. First awarded in 1979, award honorees join a prestigious list of agency executives and managers.

The AFFIRM Leadership Awardees will be recognized and honored on Thursday,
May 23, 2019 at the AFFIRM Annual Leadership Celebration, an evening reception from 6:00 pm to 9:00 pm, at the St. Regis Washington, DC. 

Award winners include:

Executive Leadership in Information Technology (Civilian)

  • Steve Rice, Deputy Chief Information Officer, U.S. Department of Homeland Security

Executive Leadership in Information Technology (DOD and Intelligence)

  • Ian Fowlie, Chief, CIO Digital Journey Office, Defense Intelligence Agency

Executive Leadership Award for Industry - Large Business

  • David Young, Senior Vice President, Strategic Government, CenturyLink

Executive Leadership Award for Industry - Small Business

  • Don Tiaga, President, FedBiz IT Solutions, LLC

Congressional Leadership Award

  • Congressman Will Hurd, (TX-23), U.S. Congress

Leadership Award in Acquisition and Procurement

  • Ken Rogers, Deputy CIO, Department of State

Leadership Award for Service to the Citizen and the Country

  • J.S. Shellenberger, Deputy Assistant Secretary, U.S. Department of Labor, Veterans' Employment and Training Service

Posthumous Leadership Award for Service to the Citizen and the Country

  • Chief Steven Elliott, Chief of Police, Miami Veterans Affairs Healthcare System

Leadership Award in Health Information Technology

  • Jose Arietta, Associate Deputy Assistant Secretary, U.S. Department of Health and Human Services

 Leadership in Technology Innovation

  • Edward Burrows, Robotics Process Automation Program Manager, U.S. General Services Administration

Leadership in Cyber Security

  • Bobby Miller, Sr. Director, Office of Cyber Monitoring & Operations, U.S. Department of State

Leadership in Cloud Computing

  • Damon Bragg, HSIN Service Operations Manager, U.S. Department of Homeland Security

 Leadership in Mobile Computing Technology

  • Joshua Kossoy, Director, Information Technology Infrastructure Operations Department, Pension Benefit Guaranty Corporation

Leadership in Big Data and Data Analysis

  • Mark E. Krzysko, Acquisition Data Executive, U.S. Department of Defense

Leadership in Artificial Intelligence and Machine Learning

  • Justin Legary, Branch Chief, U.S. Citizenship Immigration Services

Leadership in IT Modernization

  • Gundeep Ahluwalia, Chief Information Officer, U.S. Department of Labor

Special Leadership Recognition - Science, Innovation and New Technology

  • Dr. Pamela McCauley, Program Director, National Science Foundation

Emerging Leader Award

  • Kristin Solomon-Fish, Manager, IT Performance and Achievement, United States Postal Service

Leadership in Change - #changeagent

  • Alden J. Fry, Division Chief, Spartan Program Management Division, Bureau of Alcohol, Tobacco, Firearms and Explosives

President's Award

  • Confidential until AFFIRM Leadership Awards Celebration on May 23, 2019


To attend the AFFIRM Leadership Awards Celebration visit www.affirm.org


The Association for Federal Information Resources Management (AFFIRM) is a non-profit, volunteer, educational organization whose overall purpose is to improve the management of information, and related systems and resources, within the Federal government. Founded in 1979, and based in the Washington, DC area, AFFIRM's members include information resource management professionals from the Federal, academic, and industry sectors. 

www.affirm.org

@affirmtweets

How the Energy Department Tackles Cyberthreats

By Phil Goldstein, Editor, FedTech and StateTech

April 11, 2019

The energy and utilities industries remain ripe targets for cyberattacks, particularly the industrial control systems within power plants and other energy facilities. Indeed, in March 2018, the Department of Homeland Security reported that it, along with the FBI, had determined that “Russian government cyber actors” had launched “a multi-stage intrusion campaign” that targeted the networks of small commercial facilities in the energy and other critical infrastructure sectors.

While the Department of Energy’s Sandia National Laboratories are working on next-generation cybersecurity systems to fool hackers, the agency is not taking its eye off the ball when it comes to the broader IT security picture for the energy sector

Last year, the department stood up its Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, to lead and coordinate the agency’s response to attacks and disruptions in the energy sector. President Donald Trump included $96 million in the fiscal 2019 budget request to launch the office. 

“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Adrienne Lotto, deputy assistant secretary for infrastructure security and energy restoration, said last month at an Association for Federal Information Resources Management Cybersecurity Summit in Washington, D.C., according to Nextgov. “As a result, the threat against the sector has become even more frequent and more sophisticated.” 

CESER leads efforts to combat all threats to the energy industry, mitigate the risks and impacts of cyberattacks and other disruptions, and help restore services if and when utilities are attacked. “We address all hazards: cyber, man-made and natural,” Lotto said.

MORE FROM FEDTECH: Find out why creative federal cybersecurity workers will have more job security. 

Energy Department Focuses on Sharing Threat Information

CESER's Cybersecurity for Energy Delivery Systems Division focuses on the research and development of innovative technologies, tools and techniques to reduce risks to the critical energy infrastructure from cyberattacks and other emerging threats

“Continuing to increase the security, reliability, and resiliency of our electricity delivery system will help ensure the success of grid modernization and transformation of the Nation’s energy systems,” the organization says on its website

The division supports the research, development and demonstration of advanced cybersecurity solutions, as well as the acceleration of information sharing to enhance situational awareness.

By 2020, CESER wants the energy sector to be able to design, install, operate and maintain “resilient energy delivery systems” that can “survive a cyber incident while sustaining critical functions.” 

To do so, CESER’s cybersecurity program supports activities in three key areas: strengthening energy sector cybersecurity preparedness; coordinating cyber incident response and recovery; and accelerating research, development and demonstration of “game-changing and resilient energy delivery systems.”

At the AFFIRM event, Lotto said CESER is “developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine,” Nextgov reports. 

CESER is seeing threats to both energy sector IT as well as operational technology, Lotto said, adding that it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.” 

Additionally, Lotto said at the AFFIRM summit that CESER is developing a tool called CyOTE, or Cybersecurity for the Operational Technology Environment, “which works to increase situational awareness through an industry-led approach that will share and analyze OT data,” Nextgov reports. The tool will be enhanced via insights and intelligence from the intelligence community and the Department of Energy’s national labs, she said.

Click here for the original article.

Strong public-private partnerships are imperative, former officials said.

By Brandi Vincent, Staff Correspondent, Nextgov

March 22, 2019

To better defend America’s critical infrastructure, there needs to be a paradigm shift toward establishing stronger public-private partnerships, federal leaders said Thursday.

“We’ve heard for a very long time this notion of ‘whole of government,’ or a ‘whole of government response,’” retired Lt. Gen. Reynold Hoover told attendees of the Association for Federal Information Resources Management’s Cybersecurity Summit in Washington. “But I would argue that it’s not ‘whole of government’ anymore because a catastrophic event on our critical infrastructure is going to require a ‘whole of nation’ response. And that cuts across the local community, state community, the counties involved, the federal government and all the agencies and departments.”

Hoover said working across all sectors and as special assistant for homeland security to President George W. Bush during such a transformative era for technology forced him to realize that it’s time to think differently about how to plan, exercise and carry out the defense of America’s critical infrastructure.

“When we think about the cyber threat, it is from a determined adversary. So whatever your business is, you can’t do it alone,” Hoover said. “We cannot spend our way into cyber defense, we can’t build a castle wall and expect to defend in depth anymore, we have to do it in partnership.”

He said organizations like AFFIRM are important because they have the ability to bring public and private sectors together to “think about those challenges.”

Others panelists also agreed that enhancing information sharing across all sectors is vital to ensure that appropriate securities are in place as the nation adopts 5G and the internet of things continues to proliferate.

New York Power Authority’s Chief Information Security Officer and Vice President of Critical Secure Services Kenneth Carnes said his team has been actively working to build fiercer communication channels with individual agencies and key players in the financial and other sectors.

“I think that that preparedness is something that has to be done now,” Carnes said. He added that there are certain conversations they all have sooner, not later, “to make sure it postulates into the environment to give you that proactive threat defense” when a dangerous disruption comes.

Retired Maj. Gen. Joseph Brendler, who also served as the U.S. Cyber Command’s Chief of Staff, said partnerships between federal agencies are continuing to improve. “And I think there’s room for innovative ideas around public-private partnerships and roles and responsibilities on both sides,” Brendler said.

The panelists agreed that fortifying communication channels and unifying the public and private sectors to enhance infrastructure security is more important now than ever.

“We have not seen a time when I think we have been under such a geopolitical threat that we are facing right now. We are being challenged in every domain: air, ground, sea, cyber, every domain from a very determined adversary,” Hoover said. “And when we think about our critical infrastructure owners and operators, they are faced against a very determined adversary, whether its Russia, China, North Korea or Iran. So they need our help.”

Click here for the original article.

Inside the Energy Dept.’s New $96M Infrastructure-Security Office

By Brandi Vincent, Staff Correspondent, Nextgov

March 22, 2019

The new Office of Cybersecurity, Energy Security, and Emergency Response aims to deflect cyber, manmade and natural security hazards.

The priorities and efforts of the Energy Department’s nascent Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, were laid out by its first acting Principal Deputy Assistant Secretary Adrienne Lotto on Thursday.

“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Lotto told attendees of the Association for Federal Information Resources Management’s Cybersecurity Summit in Washington. “As a result, the threat against the sector has become even more frequent and more sophisticated.”

In response, she said Energy Secretary Rick Perry created the new office in February 2018 to elevate the threats to the public and private sectors and allocate resources and a workforce to address those threats head-on. The president included $96 million in the fiscal 2019 budget request to stand up the office.

Lotto said CESER leads the department’s efforts to secure the nation’s energy infrastructure against all hazards, reduce both the risks and impacts of cyber and other disruptive events, and assist in restoration when disruptions do happen—because they inevitably will.

“We address all hazards: cyber, manmade and natural,” she said.

Lotto also went into detail around the office’s early efforts. She said it is developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine. She said the office has noticed that they’re seeing the threats “not only on the [information technology] side of the house but on the [operational technology] side, as well.”

She said it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.”

Lotto also said that the office is working on a tool called CyOTE, or Cybersecurity for the Operational Technology (OT) Environment, which works to increase situational awareness through an industry-led approach that will share and analyze OT data.  

“That data will be enhanced by insight from the intelligence community and our [Energy] National Labs,” she said.

The office is also participating in exercises with other agencies and industry partners to enhance the security of the nation’s energy systems, and the ability to quickly bounce back after an attack or disruption. Lotto said it recently participated in an exercise with the Defense Advanced Research Projects Agency and other key partners on New York’s Plum Island. The office had the opportunity to shut down the island’s grid, and have operators practice “black starting the system,” which is a complex process to re-start a power grid.

“It was really enlightening and the team learned a lot,” she said.

The office is also working with states in both planning and coordination, to ensure they are improving their cybersecurity preparedness framework. Lotto said coordination across all of America’s governments and the private sector is ultimately crucial for success.

“It’s all hands on deck to solve a really big problem,” she said.

Click here for the original article.

What students think of government cyber jobs

By Chase Gunter, staff writer, FCW

March 22, 2019

Getting cybersecurity and tech talent into government has been a top management priority spanning administrations, but there remain fundamental challenges in selling government as an employer.

The U.S. Cyber Challenge, launched by former Federal CIO Karen Evans in 2010, holds camps and competitions around the country and helps students burnish their resumes and introduces them to recruiters.

USCCC leaders and participants said at a March 21 event that the government faces marketing and process challenges when it comes to attracting young cyber talent.

Doug Logan, USCC's chief technologist, said that for all the focus on government's inability to compete with private-sector pay, the exact dollar figure, while important, isn't disqualifying.

"The first reason why everyone tells me they don't want to work for the federal government is they think it's boring," he said. "The second reason why they say they don't want to work for the federal government is because they can't find job descriptions that match their entry-level capabilities because [agencies] all want people with a whole bunch of experience. The third reason is because the whole process of applying and actually getting hired in the federal government is horrible and painful and takes forever."

Workforce

What students think of government cyber jobs

  • By Chase Gunter

  • Mar 22, 2019

Getting cybersecurity and tech talent into government has been a top management priority spanning administrations, but there remain fundamental challenges in selling government as an employer.

The U.S. Cyber Challenge, launched by former Federal CIO Karen Evans in 2010, holds camps and competitions around the country and helps students burnish their resumes and introduces them to recruiters.

USCCC leaders and participants said at a March 21 event that the government faces marketing and process challenges when it comes to attracting young cyber talent.

Doug Logan, USCC's chief technologist, said that for all the focus on government's inability to compete with private-sector pay, the exact dollar figure, while important, isn't disqualifying.

"The first reason why everyone tells me they don't want to work for the federal government is they think it's boring," he said. "The second reason why they say they don't want to work for the federal government is because they can't find job descriptions that match their entry-level capabilities because [agencies] all want people with a whole bunch of experience. The third reason is because the whole process of applying and actually getting hired in the federal government is horrible and painful and takes forever."

Andrew Meserote, whose team won the Nevada-based camp's capture the flag competition last summer, plans to join the Department of Defense civilian cybersecurity workforce, pending a security clearance. He said the "the recruitment process [for government] is definitely slower than private industry." The slow hiring process means "there's still the chance that even if you get your clearance, the job's not there anymore."

Nicholas Bruno, whose team won the USCC's competition in Delaware back in 2016, currently does cyber and programming for a private company, but he said that he'd be open to part-time position -- or a stint in government -- if moving back and forth between government and industry was more viable.

What he said was most appealing about the prospect of working in government included the training government jobs could provide, the work he wanted to do and the prospect of obtaining a security clearance as a badge for proving trustworthiness.

USCC National Director Glenn Hernandez said not enough emphasis is put on marketing federal cybersecurity employment to job candidates.

"OPM doesn't advertise these positions because they leave it to agencies to push their own things, and there's not that type of recognition that these types of folks that are coming into the workforce need to have a different culture in order to attract them," Hernandez said.

Once new hires are on board, it's important to challenge them with interesting work.

"If they're staring at a screen for eight to 10 hours a day, you just lost them. Within months," he said.

The administration is piloting ways of getting folks already in government to fill those vacant positions. Jason Gray, CIO of the Department of Education, said the early interest among current federal employees on learning cybersecurity skills via the Cyber Reskilling Academy is a good starting point.

Gray, who is also the chairman of the CIO Council's IT Workforce Committee, said the "real goal" of pilot was to see if the model of cybersecurity training was something that would generate interest.

The reskilling effort is " really focused on enhancing the employee, and in many cases, the employees will probably get the education and bring it back to their organization and further the cyber efforts," he said. "It's really a win-win, regardless of whether they transition out of the work that they're in right now."

Click here for the original article.

Grooming the next generation of tech talent requires honest mentoring, according to government tech leaders.

By Brandi Vincent, Staff Correspondent, Nextgov

February 28, 2019

Mentorship is crucial to success so pay it forward, a panel of government tech leaders said Thursday.

“Mentoring is not a buzzword. It’s a very real thing. We all need help along the way to bring our best selves out,” Commerce Department Deputy Chief Information Officer Terryne Murphy said as part of a panel at the Association of Federal Information Resources Management’s “Trailblazing Women of Government IT” event in Washington.

Murphy reflected on the coaching that she’s received and the significant impacts that her own mentors have made in contributing to her success—and sometimes that means uncomfortable moments for both the mentor and the mentee.

“It should be a little scary, not overwhelmingly so, but it should be personally challenging—that’s what you should be looking for,” Murphy said, adding that friends are the ones who are meant to make people feel good.

“But your mentor is there to bring your best out of you and that’s supposed to be uncomfortable a little bit. It’s really supposed to be,” Murphy said.

The panel also agreed that it is critical for people to diversify their mentorship.

“I’ve had people ask me, as a woman, if it would it be more beneficial to have a woman as a mentor versus a man,” said Melinda Rogers, deputy chief information officer at the Justice Department. “Well I’ve had mentors and mentored people from both genders and I think it really comes down to the person and the chemistry.”

Pamela McCauley, who serves as program director in the Computer Information Science and Engineering Directorate at the National Science Foundation, also said that it’s imperative for people to learn from others who look different from them.

“I think this is really important, because a lot of times as women, we feel like we need a woman mentor and if you’re black, you need a black mentor,” McCauley said. “But you can have one mentor that can help you understand one area and another who can help you understand something else.”

The panel unanimously agreed that, because of how formative mentorship has been for their own careers, they feel compelled to pay it forward.

“I absolutely have to do it,” Murphy said. “I have to do it because it’s been so helpful to me.”

“Like Terryn, I have been the beneficiary of tremendous mentors, and I still stay in touch with them,” Rogers said. “So to the point of should you pay it forward, you absolutely should. You’re obligated to pay it forward.”

And for those who don’t feel that they have the time or energy to invest in people who ask them for mentorship, due to managing many competing priorities, she recommended connecting perspective mentees to others in their network who may have more to give.

“I take this extremely seriously because I would not be here without my mentors,” McCauley said. The other women on the panel nodded in unison.

NASA’s Chief Information Officer Renee Wynn said a key to her success was seeking out strong models and obtaining a supportive community. She added a “heartfelt ditto” to all that her fellow panelists said about mentorship.

After the panel, Murphy told Nextgov that she hopes that the discussion “helps everyone just go back and think about the choices that they,’ve made and the ones that are before them.” She said mentoring is important because it helps people to not only inform others’ perspectives but also see something that they personally may have missed themselves.

“Just this interaction could significantly impact the trajectory of someone’s career,” she said. “So if we did anything to help perpetuate a positive trajectory today, that’s awesome.”

Click here for the original article.