GSA issues solicitation for e-commerce portals project
The General Services Administration has reached the next phase of its journey to launch an e-commerce marketplace for use by federal agencies looking to buy commercial off-the-shelf products.
The agency issued a solicitation for e-marketplace portal providers seeking to develop a proof of concept for the Commercial Platforms program.
“As federal procurement continues to evolve, simplifying how we purchase basic commodities will allow agencies to focus more on work that directly serves their missions,” GSA Administrator Emily Murphy said in a statement. “Federal agencies spent approximately $260 million using online portals last year, and it is critical that we use the Commercial Platforms program to better understand and manage this spend.”
The program is a requirement of Section 846 in fiscal 2018 National Defense Authorization Act. As such this initiative has been in the works for a while — a draft of this new solicitation was first posted in July. Through market research and feedback from stakeholders, in response to the draft solicitation and industry days held before, GSA has decided to “start small” in its approach to this whole e-commerce thing.
“By using a proof of concept for the Commercial Platforms program, GSA is able to start testing implementation of the program with a small group of interested agencies and utilize actual purchase and spend data to analyze results and then refine the program approach as lessons are learned,” Laura Stanton, deputy assistant commissioner at GSA’s Federal Acquisition Service, wrote in a blog post in July. “This allows us to test an innovative purchasing channel while also mitigating risk before developing the next phase of the program. ”
The solicitation will be open for 30 days, GSA says. Implementation of this proof of concept, which will be done in partnership with multiple e-commerce platform providers, is expected to occur in “early 2020.”
The e-commerce platform project is a key component of the Federal Marketplace Strategy, GSA’s initiative meant to modernize the federal acquisition experience for both buyers and sellers.
GSA has kicked off the fiscal new year with a bang, both with the launch of this e-commerce solicitation as well as the on-time consolidation of its Multiple Award Schedules program, which it announced it completed Tuesday.
Better data could help fight the opioid crisis, says DOJ IG
More data, available in a more timely fashion, would help the Drug Enforcement Agency (DEA) better combat America’s ongoing opioid crisis.
This is one finding in a recent audit by the Department of Justice’s inspector general. The report found that DEA does use databases like the Automated Reports and Consolidated Orders System (ARCOS) and the Suspicious Order Reporting System (SORS) to track trends in the diversion of these controlled substances. However, the IG argues that these databases have two main weaknesses: They aren’t updated often enough and they don’t track certain drugs that are known to be used in conjunction with opioids, meaning DEA is missing some data that could be helpful in its mission.
“Due to these deficiencies, we believe that DEA is ill-equipped to effectively monitor ordering patterns for all pharmaceutical opioids,” the IG writes.
The first issue is one of data timeliness. Manufacturers and distributors of these controlled substances are required to report their ordering information to the ARCOS database. But while some manufacturers or distributors do this on a monthly basis, others only do it quarterly.”This dichotomy of reporting schedules forces DEA to wait a full year before ARCOS contains all of the ordering information needed to fully analyze the data and develop leads and trends,” the IG found.
The second issue the IG found was one of data completeness.
While manufacturers are required to report information about pharmaceuticals on Schedules I and II, widely considered to be the most dangerous drugs, not all manufacturers or distributors of Schedules III, IV, and V drugs have the same requirements. The IG found that “as many as 9 opioid compounds found in over 20 pharmaceutical brands were not reported in ARCOS, making it much more difficult to detect the diversion of these prescription drugs.”
“We are concerned that the nine opioid compounds not reported in ARCOS are just as dangerous to public safety as those on Schedules I and II,” the report states.
The IG also found that the SORS database is struck by a kind of data decentralization problem — the database itself lives at the headquarters level but suspicious order reports are most often made to field office divisions of DEA. Per the IG, “DEA has not created a mechanism whereby reports sent to its field divisions are uploaded into the SORS database.” This, the report notes, “significantly” impacts the utility of such a database.
The good news is that DEA is working to improve data sharing with partners at the federal level, like the Department of Health and Human Services, and the state level. The IG says “improvements” are needed here, but that this kind of collaboration is important.
The report makes nine recommendations, including that the DEA require that all suspicious order reports be sent to headquarters for inclusion in the SORS database.
Tech accelerator Dcode evolves to meet government need for training
Large federal agencies like the Department of Defense face a bureaucratic crisis. They require dynamic, innovative technologies abundantly found in the commercial sector, but things like acquisition, policy and budget stifle their ability to procure them in a timely manner.
It’s not a new problem. In fact, there are entire organizations like the Defense Innovation Unit (DIU) and the Defense Innovation Board (DIB) created to help solve it. But so often, the attention is focused only on what can be done to break down barriers for small, innovative companies to provide their products to government — yet, that’s only half the battle.
Dcode, a Washington, D.C., company that started as an accelerator to help nontraditional tech startups do business with government, realized this about 18 months ago. Their thinking: You can help companies be better partners to federal agencies, but what about the senior officials within government who don’t understand how to work with those companies? You must have both, Dcode posits, to successfully bring commercial emerging technology into government.
That’s why a newly rebranded Dcode is now focusing just as much of its effort into training federal personnel, both from defense and civilian agencies, to be effective partners in the digital age as it does helping tech companies navigate Washington and its acronyms.
“You’re seeing such an uptick across all of government on their need to work with nontraditional technologies,” CEO Meagan Metzger said of the company’s development of Dcode Innovate, the training program. “There’s not an understanding of how to connect government and technology effectively.”
“The thing that we hear time and time again is we find technology, we understand the emerging tech landscape, but at the end of the day, we still have to figure out how to get it in the door,” she said.
The DIB pilot
It all began with a 2018 training pilot with the Defense Innovation Board, the Pentagon’s advisory committee created to drive innovation throughout the department. The DIB issued a recommendation that called for better training of Department of Defense senior officials so they could better adopt commercial technologies in a rapid manner and inject innovation into their organizations.
“Are we setting up our senior leaders for success?” Josh Marcuse, executive director of the DIB, said of the recommendation and the need for training. “What can the department do to prepare senior leaders to lead the kind of organizations that can be agile, that can move at speed, know how to do software, can embrace these new technologies, knows how to talk to commercial industry, including emerging technologies?”
The board discovered Dcode through an acquisition vehicle and identified it as “a company we knew had extensive experience bridging the divide between tech companies and the department and asked them to turn their analytical lens on this question,” Marcuse told FedScoop.
Metzger explained that Dcode hadn’t necessarily settled on the idea to train government officials yet, but the idea naturally evolved from its ongoing accelerator offering. The DIB, she said, “wanted to understand all the stuff we had to teach tech companies because the DOD was not a good consumer of technology. From there, we said why don’t we flip it and almost create a reverse program because everything we teach the tech companies stems from our understanding of the acquisition process, all the bureaucracy the companies have to navigate. So we’re just teaching the reverse.”
In the pilot, “18 general officers, flag officers and [senior leaders] from every service of the DOD … workshopped problem statements, and we taught them everything they need to know about the emerging tech landscape, understanding the clash of the cultures,” Metzger explained, as well as “how do you leverage innovative procurement, how do you get the data scientist in the door, and how do you use the waivers and exceptions that already exist that we’re just not using effectively?”
She said she knew it was a success because more than half of the trainees went back to their services and immediately began prototyping a solution.
Marcuse, who called the training an “intense innovation bootcamp for leaders,” emphasized the DIB’s focus on bringing “near-term impact” and exploring “commercially mature technology that currently is working in industry and DOD can adopt right now.” The hope is, he said, leaders will “walk out knowing there’s something they can do the next day.”
“It’s that key group of leaders in the middle that set the tone for what we do, and we want to give them all the tools and skills and exposure they need to fulfill the innovative vision of the National Defense Strategy,” he said.
Dcode training today
Since then, Dcode has hosted more than 15 training sessions of varying sizes and profiles. Typically, they’re three-to-four days, and an organization like the DIB purchases the entire class for participants. Dcode has also hosted training for the Air Force’s AFWERX team and a one-day course for NATO leadership. The company has also has “pretty strong representation across” the intelligence community and has worked some with civilian agencies, the latter of which is a big target for 2020, Metzger said.
No matter the partner, the challenges are almost always the same, she said. “They all have the same problems. They all can’t figure out how to get past the frozen middle and the bureaucracy.”
But the Dcode training gives them exigency to do something about it. Metzger said participants have created at least 80 prototypes “that we’ve gotten our fingers on after the training.”
“We can really bridge the gap from people want to do something and people want to improve the government to how to actually get that done,” said Megan Vorland, chief strategy officer of Dcode.
With the success of the training program, Dcode has no intention of slowing its accelerator offering, which has helped 77 companies in find partners more than 60 programs and agencies across government. With each now in full stride, they tend to inform one another on the challenges and solutions in brining commercial tech and government together.
“We realized we were only solving half the problem,” Metzger said. “We can teach the companies all day, but we’re just pushing a rock up the hill.”
Vorland echoed that: “We’ve seen both sides of the equations, so we have the tools to help them break down the barriers.”
GSA finishes schedule consolidation on deadline
The General Services Administration hit its deadline to consolidate 24 acquisition schedules into one set of terms and conditions for products and services.
The Multiple Award Schedules Consolidation is the part of the agency’s Federal Marketplace Strategy intended to modernize acquisition for federal, state and local governments. GSA released the newly consolidated schedule solicitation Monday evening on FedBizOpps.
“This is an important first step toward our goal of simplifying the experience for customers, suppliers, and GSA’s acquisition workforce,” said Emily Murphy, GSA administrator, in the announcement.
New contracts will be placed on the consolidated schedule, while current contracts remain unaffected until the mass modification in 2020. Duplicate contracts will be eliminated, so customers can find solutions easier.
Every federal agency can use GSA schedules to acquire goods and services. State, local and tribal governments and educational institutions can buy through them, too.
The MAS solicitation is organized into 12 large categories: office management, facilities, furniture and furnishings, human capital, industrial products and services, information technology, miscellaneous, professional services, scientific management and solutions, security and protection, transportation and logistics services, and travel.
Those categories are divided into subcategories and Special Item Numbers (SINs) — which have been reduced to about 300, for clarity, from the previous total of nearly 800.
GSA developed the solicitation based on more than 1,000 comments from agencies, employees and industry in response to two requests for information.
Army awards IT-as-a-service prototype contracts
The Army has awarded a trio of prototype contracts to kick off its enterprise-IT-as-a-service pilot.
The service issued other transaction agreement (OTA) awards to AT&T for $5.6 million, Verizon for $9.7 million and Microsoft for $18.2 million.
The Army, like other military services, is moving in the direction of EITaaS as a way to focus its programs and personnel on more mission-critical work while bringing in outside commercial partners to provide more basic IT services.
Through the pilot, the Army is looking to “assess feasibility and deploy commercial solutions for data transport, end-user device provision, and cloud services for selected Army installations,” it said in an earlier request for quotes.
“The goal of the pilot is to assess the feasibility of private sector IT infrastructure investments, operations and best practices; and to implement process and policy improvements to maximize value on the Army’s investment in the network,” the RFQ says.
The Army will look to leverage the prior work of the Navy and Air Force in moving to similar ITaaS models. Air Force Deputy CIO Bill Marion recently detailed these parallel efforts, calling the military services “truly aligned” in their IT delivery efforts. AT&T and Microsoft are also commercial partners for the Air Force’s pilots.
The contracts will run for three years with each provider building out services at three bases over that time.
Army CIO Bruce Crawford said earlier this year modernization needs to be kicked into high gear.
“The Army’s enterprise network at its current level of investment and current pace of modernization cannot meet the immediate and future warfighting requirements to optimize force readiness,” he said in March at an AUSA breakfast, pointing to the incremental modernization approach his office has taken in recent years.
ATARC launches test lab for agencies’ TIC 3.0 solutions
The nonprofit Advanced Technology Academic Research Center launched its Trusted Internet Connections 3.0 Test Lab on Monday to expedite federal agencies’ market research of emerging technologies.
The announcement comes as agencies prepare to take advantage of the Office of Management and Budget’s updated TIC guidance, which included three new approved use cases — cloud, agency branch office and remote users — to increase government flexibility in adopting network security tech. The ATARC lab will give agencies a place to pilot infrastructure-, software- and email-as-a-service projects; network designs; and government-furnished equipment.
“A lot of cloud projects are contingent on testing, now that the policy is out,” Tom Suder, president of ATARC, told FedScoop. “This is the hot thing the government needs.”
Agencies can take up to a year to establish their own test labs and go through the procurement process with vendors. So ATARC partnered with Equinix, which has a colocation facility as well as Amazon Web Services GovCloud connections agencies can use to save time and money.
ATARC will facilitate a joint statement of work allowing agencies to use Equinix’s space at no cost for two weeks and conduct their own evaluations of equipment. Once the testing period is over, agencies can return to a government lab for further trials if they choose.
Suder said ATARC floated the test-lab concept while waiting for TIC 3.0’s release, and civilian and military agencies expressed interest.
“I think they can really test the effects of the TIC 3.0 policy and how it’s going to affect their cloud architecture, if at all,” Suder said.
Early cloud adopters found themselves confronted with latency issues putting traffic through the TIC, he added. The plan is to share agency test lab findings so others can learn from their results and speed up their cloud adoption cycles.
Down the road, the test lab will be used for other endeavors like piloting software-defined networks in connection with the $50 billion Enterprise Infrastructure Solutions contract.
“We plan on keeping the test lab up indefinitely,” Suder said.
VA awards $686M cloud, digital transformation contract
The Department of Veterans Affairs issued a $686 million contract to B3 Group, Inc. to support its Digital Transformation Center.
Under the contract, B3 will “support Veterans through the use of rapid, incremental improvements in information technology (IT) capabilities, driving a genuine working partnership between the business and IT,” the company said in an announcement.
Herndon, Virginia-based B3 partnered with Millsapps, Ballinger & Associates, Armavel, Deloitte and Mulesoft Consulting to win the award. The company also participated in a previous contract for VA’s DTC program with Salesforce.
This contract has a one-year base and four one-year optional extensions. The VA launched the Digital Transformation Center in 2016 to better support veterans through a more rapid and agile approach to development, test and production of software.
As explained in a request for information from the VA, the department’s DTC program calls for “Software as a Service (SaaS), Platform as a Service (PaaS), and other emerging technologies as transformation enablers.”
So far, the VA seems to have build solely around Salesforce products, including “several dozen Salesforce modules, an enterprise customer relationship management (CRM) implementation, and several contact center implementations operated via the Salesforce Cloud,” the RFI says.
In the future version of the program, VA hopes to continue scaling the DTC to “be able to increase its ability to improve service delivery to Veterans, through improved IT products and services” and “add additional cloud technologies to drive further innovation.”
The award was issued under VA’s master indefinite-delivery, indefinite-quantity IT contract Transformation Twenty-One Total Technology Next Generation (T4NG), which has a five year base ordering period through 2021, with a potential five-year extension, and a $22.3 billion ceiling.
According to B3, the contract supports several high-profile programs and systems at VA, including the Caregiver Record Management Application (CARMA), VA Loan Electronic Reporting Interface (VALERI-R), White House VA Hotline, Status Query and Response Exchange System (SQUARES) for Homeless Veterans, and VA Integrated Enterprise Workflow Solution (VIEWS) Case and Correspondence.
DIU challenge takes on algorithms to assess building damage
When responding to a natural disaster, it’s helpful to know the scale of the damage up front.
The Pentagon’s Defense Innovation Unit (DIU) thinks computer vision technology can help deliver this kind of information — and that’s the focus of xView2, a new challenge organized by DIU with partners at NASA, the Federal Emergency Management Agency, the Joint Artificial Intelligence Center and more.
Today, disaster relief efforts use satellite imagery to get a sense of disaster damage, but they do it by hand. And because these disasters can impact a large space, analysts have to contend with “huge swaths of pixel space to localize and score damage in the area of interest,” the challenge’s organizers say. “It is a slow and laborious process.”
Automating this process with the help of technology, they hope, could enable quicker recovery after fires, hurricanes and more.
The challenge will benchmark different algorithms against each other. The algorithms must be able to score buildings in a post-disaster image on a scale of one to four — one meaning no building damage and four meaning that the building is completely destroyed.
xView2 is, as the name suggests, the second xView challenge. The first, which kicked off in March 2018, focused on computer vision object detection. Now, organizers are taking the challenge a step further.
Submissions to xView2 are due by Nov. 22 and DIU plans to announce winners in December.
DHS lacks a cyber workforce strategy four years later
The Department of Homeland Security can’t ensure it’s prepared for increasing national cybersecurity threats because it has yet to complete a thorough workforce assessment, according to an inspector general report.
DHS failed to submit complete, annual workforce assessments on time the last four years, as required by the Federal Cybersecurity Workforce Assessment Act of 2015.
The agency also failed to submit a complete annual cyber workforce strategy during the same period.
“You can’t ensure than any of our federal systems are truly secure or at risk if you do not have the ability to confidently say the workforce is ready — properly staffed and properly trained,” said Simone Petrella, CEO at CyberVista, which runs training initiatives for federal agencies.
Petrella said DHS’s failure to comply with the law is “fairly unsurprising” considering the department was cobbled together from 22 “historically disparate” agencies in 2002 — making coordination difficult. The Secret Service’s cyber mission and mandates differ from the U.S. Computer Emergency Readiness Team’s, for instance.
The IG found the 2015 law created “overlapping and new requirements” that hindered DHS’s ability to meet the data call, much like the Department of Defense between 2007 and 2014, when it was tasked with creating cyber training requirements.
DOD got as far as revising a directive on compliance measures three years ago but never published a corresponding manual fleshing out the details because, by then, DHS had taken point on cyber workforce issues, Petrella said.
“For DHS, it makes sense from a homeland security perspective to have oversight over critical cybersecurity functions,” she added.
DHS responded to the 2015 law by creating a Cybersecurity Statutory Authority Program team within its Office of the Chief Human Capital Officer. Upon its creation in 2016, the team consisted of only four federal staff and eight contractors.
In response to the IG report’s recommendation that DHS assign more staff resources to complete cyber workforce assessments and strategies on time, OCHCO increased those numbers to 16 federal staff and more than 100 contractors in 2019. The agency plans further increases to 35 federal employees and additional contract support by 2021.
The IG also found that DHS struggled with the mandates because cyber workforce data wasn’t readily available.
“The biggest step they need to take is to apply a common measure of assessment across the entirety of the workforce,” Petrella said.
That involves coding roles as cyber versus cyber-enabled.
A purely cyber role is directly involved in security a majority of the time, whether that’s network defense, monitoring or incident investigation and response. Cyber-enabled roles fall in the information technology realm, but security is a secondary responsibility — as with application developers.
Because DHS didn’t have job codes created, it would have been forced to audit the cyber funding it received to determine if the money did, in fact, go toward cyber roles, Petrella said.
“You’re doing that all in the retrospective, almost forensically,” she said. “In order to track data you need to understand the roles in your organization.”
DHS’s lack of a cyber workforce strategy presents another problem, according to the report: the agency can’t plan for future needs.
“These issues are exacerbated by the department’s rising vacancy rate in civilian cybersecurity positions, which increased from 9% in March 2017 to 12% in November 2018,” reads the report. “Hiring and recruiting efforts will become more critical as the department faces a retirement surge in coming years.”
Despite the inherent challenges, DHS isn’t absolved of all responsibility, Petrella said.
The agency had the chance to implement mitigations to capture cyber workforce data and didn’t.
“This is not a new issue that only arose in the last year,” she said.
Aaron Weis named new Navy CIO
The Department of the Navy has named Aaron Weis its new chief information officer to lead the service’s newly structured IT office.
Weis takes over a newly elevated CIO’s office, leading a team dedicated to proactively improving cybersecurity and managing other digital priorities. In this role, he will “serve as the principal staff assistant to the Secretary of the Navy on information technology management, digital, data and cyber strategy,” according to a release. The position, however, is not Senate-confirmed.
Under Weis will be two deputies — a flag officer from each the Navy and Marine Corps — and four directorate leaders: a chief technology officer, chief digital strategy officer, chief data officer and chief information security officer.
“This new DoN CIO team will not only integrate key Navy and Marine Corps Information Technology initiatives to support our warfighters, but will also provide an opportunity to strengthen information technology (IT) talent across the naval services,” Undersecretary Thomas Modly said in a statement. “They will be responsible to the SECNAV to ensure that naval IT spending is directed to the highest value opportunity areas as established in the National Defense Strategy.”
Weis comes to the Navy after serving in the Department of Defense Office of the CIO as a senior adviser for the past year.
The new CIO role comes at the recommendation of the Navy’s recent critical Cybersecurity Readiness Review, ordered by the secretary.
“Digital information has become the center of all we do to defend the nation, ” Secretary Richard Spencer said. “The strategic use of data and information resources represents a critical enabler of lethality and readiness. Managing and protecting our data is crucial as we confront the renewal of great power competition.”