Advertisement
Subscribe to our daily newsletter.
Subscribe

Top acquisition agencies want cyber workforce changes in federal contracting rules

The agencies said in a Federal Register posting that the Federal Acquisition Regulation should align with a NIST cyber workforce framework.

By

Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
GSA, General Services Administration
GSA headquarters. (18F photo)

A federal framework for cybersecurity workforce knowledge should be incorporated into contracts for IT and cyber support services, a trio of agencies that lead the bulk of federal acquisitions said in a Federal Register posting Friday.

The General Services Administration, NASA and the Defense Department teamed up on a proposal that would alter the Federal Acquisition Regulation (FAR) to include the NICE Workforce Framework for Cybersecurity. The heads of GSA, NASA and DOD sit on the FAR Council and are jointly responsible for maintaining and prescribing the FAR. 

The NICE framework, spelled out in the National Institute of Standards and Technology’s Special Publication 800-181, details workforce knowledge and skill requirements to be used in federal IT and cybersecurity support contracts. The document essentially creates a “common language” for cyber work roles that align with a 2019 Trump administration executive order on America’s cybersecurity workforce.

“The NICE Framework is intended to be applied in the public, private, and academic sectors to grow the cybersecurity capability of the U.S. Government, increase integration of the Federal cybersecurity workforce, and strengthen the skills of Federal information technology and cybersecurity practitioners,” Friday’s posting said.

Advertisement

The GSA, NASA and DOD would like the FAR to be amended to include the NICE framework’s definition of “cybersecurity,” which would be used in the federal acquisition of IT and cyber support services. The agencies’ proposal also seeks to alter FAR to align with NICE framework language on cyber workforce tasks, roles, knowledge and skills in the description of contracts.

Under the proposal, the FAR would also be amended to match NICE framework language for offers, quotes and reporting requirements from IT and cyber contractors, as well as in documentation for the acquisition of commercial products and services.

The posting notes that any changes to the FAR would not create new solicitation provisions or contract clauses that impact existing contracts for commercial products or services. GSA, NASA and DOD said they “do not expect” the rule to “have a significant economic impact on a substantial number of small entities within the meaning of the Regulatory Flexibility Act.”

Comments on the agencies’ proposal are due March 4.

Matt Bracken

Written by Matt Bracken

Matt Bracken is the managing editor of FedScoop and CyberScoop, overseeing coverage of federal government technology policy and cybersecurity. Before joining Scoop News Group in 2023, Matt was a senior editor at Morning Consult, leading data-driven coverage of tech, finance, health and energy. He previously worked in various editorial roles at The Baltimore Sun and the Arizona Daily Star. You can reach him at matt.bracken@scoopnewsgroup.com.

In This Story

Advertisement
Advertisement

More Like This

Advertisement

Top Stories

Advertisement

More Scoops

Latest Podcasts

CISA issues guidance for high-value targets to secure mobile devices in the wake of Salt Typhoon; FBI’s AI efforts face funding and workforce barriers

The federal government discloses more than 1,700 AI use cases; CISA delivers new directive to agencies on securing cloud environments

House AI task force releases final report, eyes future work with Trump administration; Adele Merritt named CIO of National Institutes of Health

Lift off! How NASA is faring in its exploration of AI

Tech

Defense

Cyber

FedScoop TV