Secure Software Development Framework not evident in federal procurement yet
Companies can’t fully adhere to the federal framework for secure software development until government begins making procurement decisions based on the guidance, according to industry experts.
The Secure Software Development Framework (SSDF) is a conceptual document that wants software developers and providers to prove they’re in compliance using artifacts, but which threat models, log entries, source code files and vulnerability scan reports agencies require isn’t being universally stated in contracts.
While the National Institute of Standards and Technology recommended organizations “produce well-secured software with minimal security vulnerabilities” in the SSDF, that’s actually an outcome of government and industry working together to determine what’s contractually feasible.
“I don’t think it’s at the point where I, if I were still in government, would want to go write contract requirements feeling that I had enough specificity in what was there in the software framework,” Jim Richberg, field chief information security officer for public sector at Fortinet, told FedScoop.
That’s not to say industry dislikes the SSDF, rather recognizes the Office of Management and Budget‘s recent mandate agencies comply with the guidance will help CISOs and chief information officers secure their IT infrastructure and ensure its as free of vulnerabilities as possible.
But clarifying the framework will take a lot of work, especially from government, and require a flexible timeline.
“I would say that there will be a deadline, and it will have to be a soft deadline,” said Bob Stevens, area vice president of public sector at GitLab. “We’re talking about the potential change of a lot of infrastructure and a lot of transitioning for government agencies.”
The Cybersecurity Executive Order that directed NIST to develop the SSDF had three dozen action items across three competing priorities for agencies: implementing zero-trust security architectures, accelerating cloud migration and securing the software supply chain. While all three reinforce each other in some ways, Congress needs to appropriate additional money for the latter, Richberg said.
Much of the software agencies buy that industry produces is enterprise software, meaning it’s not written solely in house but with other organizations. Determining contract requirements that also reach those third-party developers and suppliers will take time.
“I’d be hard-pressed to say it’s going to happen in 18 months,” Richberg said.
U.S. Cyber Command providing cyber expertise and intelligence in Ukraine’s fight against Russia
U.S. Cyber Command has been very active in addressing security concerns regarding Russia’s invasion of Ukraine, from assisting the Ukrainians to providing intelligence to hardening networks domestically and globally, its commander said Tuesday.
“U.S. Cyber Command (with NSA) has been integral to the nation’s response to this crisis since Russian forces began deploying on Ukraine’s borders last fall,” Gen. Paul Nakasone, who also directs the National Security Agency, said in written testimony to the Senate Armed Services Committee. “We have provided intelligence on the building threat, helped to warn U.S. government and industry to tighten security within critical infrastructure sectors, enhanced resilience on the DODIN (especially in Europe), accelerated efforts against criminal cyber enterprises and, together with interagency members, Allies, and partners, planned for a range of contingencies.”
Nakasone also provided greater details from congressional testimony a month ago regarding the extent to which his cyber teams have assisted the Ukrainians to bolster their digital defenses.
So-called hunt forward teams sat side-by-side with partners to gain insights into threats, he said. These defensively oriented teams physically deploy to foreign nations to search for threats on their networks at the invitation of host nations. Officials say these activities are mutually beneficial because they help bolster the security of partner nations and provide Cyber Command and the United States advanced notice of adversary tactics, allowing the U.S. to harden systems at home against these observed threats.
Since Russia’s invasion in February, Cyber Command has conducted additional hunt forward operations bolstering the resilience of Ukraine and other NATO allies, Nakasone testified. This includes providing remote and analytic support to Ukraine and conducting network defense activities aligned to critical networks outside Ukraine.
Cyber Command is also ensuring the security and availability of command and control systems across the Department of Defense while creating options for national leadership and conducting operations as directed.
Along with interagency partners in the U.S. government, the command is working to mitigate threats to domestic and overseas systems.
This also translates to the ransomware fight. Nakasone said that elite cyber teams have taken numerous actions over the past year to combat ransomware, in partnership with other federal entities in the law enforcement realm and industry. These actions have sought to disrupt and degrade the operations of ransomware groups.
Navy airborne electronic attack system also capable of delivering cyber effects
Officials and members of industry have discovered that the Navy’s helicopter-based anti-missile electronic ship defense platform is also capable of creating cyber effects, according to the system’s prime contractor, Lockheed Martin.
“We’re getting out in the field and we’re finding that it does things that we … didn’t anticipate, which is good,” Joseph Ottaviano, director of maritime and air cyber/electronic warfare at Lockheed, said, referring to the Advanced Off-Board Electronic Warfare (AOEW) system.
AOEW is a pod mounted to MH-60 Sierra and Romeo helicopters and meant to address ships’ line-of-sight limitations in the electromagnetic spectrum while also providing electronic attack capabilities against potential threats such as missiles.
“As we’re finding, common with some of the things we do in the maritime and airborne cyber/EW, is if you can perform [electronic attack], you can perform other things up to and including cyber. [It] starts becoming a converged system very quickly,” he told FedScoop on the sidelines of the Sea-Air-Space conference at National Harbor, Maryland.
He continued: “We’re finding a lot of those capabilities that we didn’t necessarily anticipate or design directly into them are available to the customer. It’s a pretty powerful situation for us.”
In addition to the regular test and evaluation assessments that Pentagon programs must undergo, Ottaviano said AOEW has participated in some Navy exercises, though he declined to say which ones or the extent to which the system was used. He offered that they were operationally realistic scenarios.
Ottaviano described the system as part of the Navy’s “layered defense,” with organic defense both on and away from a ship.
“If you can do EA, and you architect the system right, you can also present cyber effects as well. We’re seeing some of that,” he said.
These converged capabilities are similar to those Lockheed is providing for the Army for some of its programs, he noted. While declining to offer any specifics or examples, one such system is the Multi-Function Air Large system, an electronic attack pod mounted to an MQ-1C Gray Eagle drone.
Editor’s note: This story has been updated to reflect that while MFEW is an example of what Lockheed is providing to the Army, Ottaviano did not cite it specifically.
House lawmakers introduce bipartisan legislation to strengthen VA cybersecurity
Lawmakers on the House Committee on Veterans’ Affairs have introduced new bipartisan legislation intended to strengthen cybersecurity at the Department of Veterans Affairs.
The Strengthening VA Cybersecurity Act of 2022 was introduced March 30 by Technology Modernization Subcommittee chair Frank Mrvan, D-Ind. It was co-sponsored by Reps. Nancy Mace, R-S.C., Susie Lee, D-N.V. and Andrew Garbarino, R-N.Y.
The bill is intended to boost cybersecurity at the department and protect IT systems and devices in use that hold veterans’ data.
If the legislation passes, it will require the VA to obtain an independent cybersecurity assessment of its most critical information systems, as well as its cybersecurity posture as a whole. It also requires the VA to develop a timeline and budget to fix any weaknesses and deficiencies identified by the report.
A companion measure has been introduced in the Senate by Sens. Jacky Rosen, D-N.V., and Marsha Blackburn, R-Tenn.
Rep. Mrvan said the legislation comes after, in 2020, “regrettably 46,000 veterans had their personal information compromised after hackers breached VA’s computer systems.”
“This is unacceptable, and action must be taken to improve VA’s cybersecurity,” Mrvan said. “This legislation will move us in the right direction to give VA the tools it needs to effectively protect against new and emerging cybersecurity threats and safeguard our veterans’ personal information. I appreciate the close working relationship of my colleagues Rep. Nancy Mace, Rep. Susie Lee, and Rep. Andrew Garbarino, and look forward to continuing to collaborate with you to move this commonsense and bipartisan legislation forward.”
During the 2020 cyberattack on the department, about 46,000 veterans had their personal information, including Social Security numbers exposed, as unauthorized users gained access to an online application for making health care payments.
Clearview AI to sell technology to private sector as well as government agencies
Facial recognition technology company Clearview AI is looking to sell services to banks and other private sector companies in addition to working with government agencies.
Clearview co-founder and CEO Hoan Ton-That told the Associated Press Friday of the company’s further growth plans, responding to a recent federal court filing that suggested the company may be up for sale.
“We don’t have any plans to sell the company,” Ton-That said. According to the executive, the company is instead looking to launch an identity verification venture to compete with the likes of Amazon and Microsoft.
Clearview will look to sell a new “consent-based” product to corporate customers that would use its algorithms to verify a person’s face but would not involve its database of more than 20 billion images.
The pivot back to private sector business comes after the company in 2020 said it was taking voluntary action to avoid transacting with non-governmental customers. Clearview made the claim in legal documents filed in an Illinois federal court.
Earlier that year, an investigation by Buzzfeed News found that the company had provided its facial recognition took to more than 2,200 police departments, government agencies, and companies across 27 countries. Internal documents reviewed by the news outlet at the time showed Macy’s, Walmart, Bank of America, and Target were among the companies to use Clearview’s facial recognition tool.
In the U.S., Clearview has notable contracts with the U.S. Immigration and Customs Enforcement agency, which on March 15 awarded a contract to Clearview for information technology componen
Other government departments that have struck contracts with Clearview include the FBI, the Department of the Army, the Air Force and the Department of Justice.
Clearview in March also started offering its services for free to the Ukrainian military, in part to help identify dead Russian soldiers using its database of about 2 billion images scraped from Russian social media.
In September last year, the company served a subpoena on a transparency nonprofit, seeking communications the group had with media in relation to scraping images and personal information from social media sites and selling data to law enforcement agencies.
Clearview subsequently withdrew the court order, after details of the subpoena became public.
This article was updated to clarify that a 2020 investigation by Buzzfeed News found Clearview AI has previously provided facial recognition tools to private sector companies.
Navy, Marines leaders hit back at critics of force transformation plans
Critics of the Navy and Marine Corps’ transformation plans are advocating for forces that would be ineffective and unprepared to meet future warfighting requirements, the services’ top officers suggested Monday.
Lawmakers on both sides of the aisle have slammed the Navy’s fiscal 2023 budget request released last week. It calls for decommissioning 24 ships and buying nine new ones. Doing so would reduce the battle force to about 280 ships, well short of the 355-ship fleet that Congress and other seapower advocates have called for.
Sen. Jim Inhofe, R-Okla., the top Republican on the Senate Armed Services Committee, tweeted that cutting the fleet would be “illogical.” Rep. Elaine Luria, D-Va., vice chair of the House Armed Services Committee, tweeted that the budget plan “sucks.”
But the idea behind the sea service’s shift centers on prioritizing readiness and modernization over capacity, Chief of Naval Operations Adm. Michael Gilday said Monday during a panel at the Sea-Air-Space conference at National Harbor, Maryland.
“We need a ready, capable, lethal force more than we need a bigger force that’s less ready, less lethal, less capable. In other words, we can’t have a Navy or Marine Corps larger than what we can sustain. That’s important. So let’s keep it real with respect to what we’re going to field out there,” Gilday said.
The services will end up with a larger but ineffective force if policymakers want to “make capacity king,” he added.
The Navy has to make difficult decisions to divest of certain capabilities and free up resources to invest in more modern capabilities, Gilday asserted.
The future years defense program, which has yet to be publicly released, will support the transition to a more capable fleet, he said.
“We’re on the right path. That path is not popular with everybody in this room and generally not on the Hill,” Gilday said. However, “I think it both fields a force today that’s ready to go and invests in a force … mid-decade and beyond that will serve us well.”
“We need a ready, capable, lethal force more than we need a bigger force that’s less ready, less lethal, less capable.”
Chief of Naval Operations Adm. Michael Gilday
Gilday touted investments being made in information warfare capabilities, cyber, space, hypersonics, directed energy, unmanned systems and artificial intelligence.
“The investments we’re making AI are proving to be very, very useful against an increasingly sophisticated adversary,” he said.
Gilday envisions a future where large unmanned vessels will provide a “floating arsenal of weapons.”
The service plans to field ship-launched and submarine-launched hypersonics in the 2025-2028 timeframe.
It is also prioritizing missiles such as the SM-6 Block 1B, maritime strike Tomahawks, Long-Range Anti-Ship Missile (LRASM), and Joint Air-to-Surface Standoff Missile-Extended Range (JASSM-ER).
“We’re maxing out the production line of all of our long-range weapons at high speed in this budget,” Gilday said.
Meanwhile, retired officers and other former officials have been bashing changes underway as the Marine Corps pursues Commandant Gen. David Berger’s vision known as Force Design 2030, which includes cutting tanks, artillery and other capabilities to free up money to invest in other systems that he believes will be more relevant in future competition with China in the Indo-Pacific, such as long-range anti-ship missiles and unmanned platforms.
In a recent op-ed published by Marine Corps Times, retired Lt. Gen. Paul K. Van Riper said Berger’s plan will “seriously jeopardize national security” and undermine near-term readiness, calling it “a risk not worth taking.”
“In the end the Corps will have more space experts, cyber warriors, influence specialists, missileers and others with unique skills — many of which already are provided by other elements of the joint force. But it will only have them because it gave up Marines prepared to close with and destroy the enemy,” Van Riper wrote.
He continued: “No longer will it be the Corps I served and loved for so many years, but a mere shadow of what was once a feared fighting force!”
Speaking on the Sea-Air-Space conference panel, Berger said the service must adapt to keep pace with changes in warfare.
Berger acknowledged that the force changes he’s promoting are not without risk. However, “none of us have a belief that we should wait until ‘28 or ‘30 or ‘31” to make major changes, he said.
“If you’re going to match the speed of the change in the character of war, meaning the threats, technology, everything that’s involved in operating environments that we’re going to face in the future, and if you’re going to accelerate [modernization] then you have to divest of some platforms, you have to adjust your force structure, you have to do things upfront that will create the resources” to transform, Berger said.
Unlike combatant commanders, service chiefs have to worry about not just near-term readiness, but also long-term readiness, he noted.
In places like Europe where land warfare capabilities are most needed, the Army will be in the lead with the Marine Corps playing more of a supporting role. However, in a maritime theater such as the Indo-Pacific, the sea services will be in the lead with the Army in the supporting role, he asserted.
The Corps is prioritizing capabilities that would be most useful in the Indo-Pacific.
The service is in the third year of its ongoing force transformation, and the 2023 budget request aims to “keep that momentum going,” he said.
Berger said his success or failure as a service chief won’t be fully apparent until five to eight years from now.
“That’s the only time you’re really gonna know whether the service chiefs … did their homework, made the hard decisions, got rid of stuff that they had to get rid of to put the resources into the right places,” he said.
White House disagrees with GAO over agencies’ information security program ratings
The Office of Management and Budget has disagreed with a Government Accountability Office’s finding that it should create a more precise scale for rating the overall effectiveness of agencies’ information security programs.
OMB argued its five-point grading scale is “sufficient,” adding layers wouldn’t provide clarity, despite seeming “too high level,” in its response to GAO‘s report released Friday.
GAO periodically reports on the 23 civilian Chief Financial Officers Act agencies’ implementation of the Federal Information Security Modernization Act and found their inspectors general (IGs) simply deeming their information security programs “effective” or “not effective” lacked granularity.
“As a result, IG ratings may be less useful for cybersecurity oversight,” reads the report. “By clarifying its future ratings guidance and improving its rating scale, OMB could help ensure that the reviews provide a more consistent picture of agencies’ cybersecurity performance, enabling Congress to better understand agencies’ relative cybersecurity risks.”
GAO countered OMB need not alter its five-point maturity model scale, but instead end the practice of letting IGs report their information security programs as effective or not effective. As it stands IGs may rate their agencies’ programs as effective, even if the OMB-provided assessment suggest otherwise, and they don’t make program maturity clear.
The report further recommends OMB specify when IGs must use its grading scale versus another, but the agency responded it established standards but allows IGs review flexibility. GAO countered its recommendation would give IGs clarity on when to use their flexibilities to expand or adapt reviews.
GAO encouraged OMB to work with the Department of Homeland Security and the Council of the IGs on Integrity and Efficiency to implement both recommendations.
While IGs found only seven out of the 23 agencies GAO reviewed had effective information security programs in fiscal 2020, that’s more than the previous three years. More agencies reported meeting FISMA goals for managing the security of software assets and intrusion detection and preventions, with chief information officers and chief information security officers at 14 agencies saying their programs improved to a “great extent” and 10 to a “moderate” extent.
Analysts pillory DOD projections for inflation, real budget growth
The Pentagon’s inflation projections are unrealistically low and don’t accurately reflect what the Department of Defense’s purchasing power will be next year, according to analysts.
The Biden administration on Monday released its fiscal 2023 budget request. The White House is asking for $773 billion for the Pentagon, including $146 billion for procurement, and $130 billion for research, development, test and evaluation.
During a briefing with reporters, Michael McCord, Pentagon comptroller and chief financial officer, said the total DOD budget would see about 4 percent nominal growth and 1.5 percent real growth over what was enacted for 2022, when accounting for projected inflation.
The numbers put out by the administration forecast a little more than 2% cost growth for the goods and services DOD buys, noted Todd Harrison, director of defense budget analysis at the Center for Strategic and International Studies.
“That does not seem realistic at all,” he said Friday during a panel discussion hosted by the Center for a New American Security, noting that the consumer price index — a metric for measuring inflation — has risen to nearly 8 percent recently.
The Biden administration’s projections may have been based on rosy assumptions made months ago that the high levels of inflation seen last year would be fleeting, Harrison said.
“You can never predict the future exactly. We don’t yet know what inflation is going to be for 2023, but … we know it’s not going to be 2.2%,” he said.
He continued: “The big story here when they talk about, you know, a real increase in the defense budget, when you assume real inflation on top of that, it’s not actually an increase. It’s a decrease in the defense budget if you apply more realistic assumptions using more current economic data about what things are shaping up for in the coming year.”
Mackenzie Eaglen, a defense budget guru at the American Enterprise Institute, said the $773 billion figure is “masquerading” as a higher topline than what was enacted for 2022.
“The messaging from the services is, ‘We all got an increase.’ Of course, people like us are like, ‘Wait, we actually saw nothing that is an increase. You saw a real negative decline in your purchasing power,’” Eaglen said.
Frederico Bartels, senior policy analyst for defense budgeting at the Heritage Foundation, said at this point it’s impossible to predict exactly how high inflation will be in the next fiscal year given how much prices have been fluctuating.
However, DOD’s projection is “completely unrealistic and it’s very detached from the reality that we are all experiencing on that,” he added.
Rising personnel costs also limit the amount of money available for spending on new capabilities, noted Stacie Pettyjohn, director of the defense program at the Center for a New American Security.
The Biden administration’s fiscal proposal for 2023 calls for a 4.6% pay bump for servicemembers and DOD civilians, well above the 2.7% increase seen this year.
“We have the best military personnel in the world. But it is expensive,” Pettyjohn said.
Presidents can make budget requests, but ultimately Congress has the power of the purse. In recent years, lawmakers have appropriated more funding for defense than the White House proposed. Analysts say the same thing could happen when lawmakers take up the 2023 budget.
The issue of inflation will be a “huge” factor in discussions, Harrison said.
“I expect Congress is going to add significant funding to this budget to cover inflation costs, to cover, you know, divestments they want to reverse, to cover new investments they want to make or accelerate,” he said.
The Hill will likely plus-up Pentagon coffers to the tune of $30 billion to $40 billion above what the Biden administration is proposing, Harrison predicted.
Bartels said lawmakers will want to “buy back” DOD’s eroded purchasing power, and they can be expected to try to prevent the divestments of ships and aircraft that were included in the budget proposal.
“I think you’re going to see a lot of gnashing of teeth and a substantially sour mood from the Hill when the senior leaders from the Defense Department come in front of them. And that’s all starting next week” when top Pentagon officials are scheduled to testify at hearings, he noted.
In addition to worrying about inflation and the Pentagon’s purchasing power — a concern that Republicans on the House and Senate Armed Services Committees have been raising publicly — Congress will also be looking at the Biden administration’s new National Defense Strategy and the resources needed to carry it out, Eaglen said.
A classified version of the strategy was sent to the Hill this week. An unclassified version is expected to be released in the coming months.
An NDS fact sheet released by DOD listed China as the department’s top strategic competitor and “pacing challenge,” and described Russia as posing “acute threats.”
Lawmakers are “going to address the gaps with the defense strategy and the actual [budget] request, and they’re going to use a variety of ways to get there,” Eaglen said. “But it won’t just be like last year, which was mostly a focus on the unfunded requirements lists from the services. I think this year the Hill is going to want to get more in the driver’s seat in terms of guiding defense budgets higher.”
Palantir agrees to distribution partnership with Carahsoft as it targets federal services growth
AI and data analytics giant Palantir has struck a distribution partnership with Carahsoft as it targets further growth of its federal government business.
Under the agreement, Carahsoft will distribute Palantir’s data operations software through resellers as part of the NASA Solutions for Enterprise-Wide Procurement (SEWP) V contract vehicle.
Government agencies are now able to acquire services from Palantir through the SEWP V governmentwide acquisition vehicle (GWAC), which is administered by Carahsoft.
Palantir’s new partnership comes as the company seeks to deepen its book of federal business and increase the volume of project-based work it does with government agencies.
Major federal contracts the company currently holds include a $90 million data integration contract with the Department of Veterans Affairs, a contract for work on the Army’s Vantage platform worth about $574 million, and data enclave contracts for COVID-19 clinical research with the National Institutes of Health.
“Partnering with Carahsoft and its resellers will allow Palantir to fully leverage the value that the channel ecosystem brings, offering the government the ability to work with their trusted partners and have more options on how they can procure our joint solutions,” Head of U.S. Government Channel and Distribution at Palantir Jennifer Talley said.
Carahsoft Vice President Maryam Emdadi said: “With the addition of Palantir to our offerings, government agencies now have access to Palantir’s big data solutions to transform how they achieve their goals.”
Of the $1.5 billion in revenue Palantir generated during 2021, 58% came from customers in the government segment. The company on Wednesday announced a new federal advisory board, which includes former Air Force Secretary Deborah Lee James and retired Commander of Special Operations Command Adm. William McRaven.
SEWP V is a 10-year contract vehicle with a $20 billion ceiling. Carahsoft is the master-aggregator for the GWAC, through which federal agencies are able to procure IT services ranging from computer hardware to cloud software, supporting technology and AV equipment.
GSA’s 5-year plan prioritizes digital government
The General Services Administration listed digital government as one of four strategic goals in its five-year strategic plan released Thursday.
Technology Transformation Services and the Office of IT Category, with support from the Office of Government-wide Policy, will be leaned on to deliver more trusted, accessible, user-centered technologies to federal agencies from fiscal 2022 to 2026.
The strategy is predicated on the view that GSA must help agencies rebuild public trust through digital services, after legacy systems and inequalities hindered government’s pandemic response.
“Technological advances offer unprecedented opportunities to deliver services more efficiently and effectively while saving taxpayer money,” writes GSA Administrator Robin Carnahan, in her letter of introduction. “In this moment of change, GSA is uniquely positioned to help our customer agencies deliver for the American people by providing critical tools, systems, solutions and expertise at the best value.”
TTS and OGP, together with the office of Customer Experience and GSA IT, are expected to implement equitable design practices in projects like improving vote.gov by increasing access to voting requirements and documents in many languages and formats.
GSA intends to request amendments to Federal Citizen Services Fund appropriation language so services are reimbursable and the spending cap increased for high-impact projects.
The agency is also developing a roadmap for its USA.gov redesign, which will improve users’ ability to navigate government benefits, services and programs by consolidating content like that found on Benefits.gov and Grants.gov. OCE and the internal Digital Executive Board will simultaneously improve the digital literacy of website managers, and more resources will be dedicated to the Digital Analytics Program to increase agencies’ understanding of how users’ are using their sites to access government services.
TTS will increase agencies’ use of shared technology solutions by spearheading the creation of a market development and partnerships capability featuring a market-sensing initiative, according to the strategy.
GSA plans to increase reuse of authorized cloud products, and reduce digital threats in the process, by expanding the Federal Risk and Authorization Management Program.
The agency will also increase agencies’ adoption of Login.gov and modernize federal rule-making management systems by streamlining workflows and improving data analysis.
Together TTS and OGP will employ a venture studio-esque model within the former to scale reimagined innovations governmentwide.
“This approach would help to launch innovative offerings and sustain them by providing resources and creating a clear, repeatable model for growing new ventures,” reads the strategy. “It would focus on high-impact digital transformation projects spanning multiple agencies and/or the public.”
GSA also wants to deepen the technological acumen within innovation accelerators like 18F, the Centers of Excellence, Presidential Innovation Fellows and 10x.
Elsewhere in the strategy the Federal Acquisition Service is tasked with ensuring agencies’ full adoption of the $50 billion Enterprise Infrastructure Solutions contract for telecommunications and IT modernization, which has become a moving target for government, by fiscal 2024.
Insights from GSA’s Workplace 2030 project will be used to develop new telework offerings for agencies like Home Office in a Box.
FAS and OGP will also streamline acquisition systems through the modernization of the Contract Acquisition Life-cycle Management (CALM) system, create a single experience for all GSA-assisted acquisitions by merging Assisted Services Shared Information System (ASSIST) legacy applications, automate error-detection bots, and improve the management of data on more than 50 million products and services through Catalog Management. FAS delivered $84 billion in IT governmentwide in fiscal 2021, and will work with OGP to increase agencies’ adoption of IT modernization offerings the next five years.
Polaris awards are now on hold following BD Squared’s pre-award challenge of the governmentwide acquisition contract — intended to increase agencies’ partnerships with small business IT service providers — but GSA plans to continue developing the vehicle.
The strategy directs OGP to build on the work of more than 30 Communities of Practice (CoPs), some geared toward innovation and emerging technologies, that GSA manages and six unnamed CoPs in particular.
“For FY 2022, GSA has identified six CoPs to achieve key milestones or quantitative performance outcomes,” reads the document.