Month: October 2022

Posted on

20 years of E-Government

This year marks the 20th anniversary of the enactment of the eGov Act, and I was recently asked in an interview what I felt had changed the most in the federal technology market and what had stayed the same. It was an interesting conversation, and so I’d like to share my thoughts with you.

Changing times, evolving technology

In 2002 your work revolved around your office building and your desk. Most everyone in government was tied to their office because of the technology at the time — desktop computers and desk phones.

Now think back to when you got your first Blackberry. I think it was 2004/5 for me. All of a sudden you could access your email on the go and connect to your headset wirelessly through Bluetooth.

Then of course the iPhone came in 2007 and has since changed everything. So, while I still have a desk at GSA’s central office, I haven’t had a desk phone in almost a decade or a desktop computer in two decades — today, I work from a laptop and a mobile phone.

In terms of the federal technology market, we are once again seeing two big technological trends that are radically transforming how we all operate: the shift to telework and cloud adoption.

Cloud adoption and telework

The pandemic hammered home the value of flexibility and collaboration. GSA invested in an efficient mobile workforce long before COVID hit, and that investment paid off. Our teams adapted quickly to full-time telework, enabling us to rapidly turn around and help other agencies do the same.

Part of the reason we were able to move so quickly was because we had embraced cloud computing early by investing in modern network architecture using GSA’s Networx contract.

That’s the second driver of modern government, the flexibilities afforded by the wide-scale adoption of commercial cloud services, which link the physical world to our virtual environments.

Think about the interview that inspired this blog post and how that content reaches its government audience. Twenty years ago, we’d record the interview, and the audio would play on a regional radio station. That’s the only way the audience would experience it.

Now, you can use a desktop, laptop, tablet, or mobile phone, (or a landline) not just to listen, but to participate. You can chat or post a question, and get a response in real-time. We have captioners (or AI/bots) who listen, transcribe, and produce a running transcript, and even video interpreters who can translate the conversation into American Sign Language.

The cloud-based software-as-a-service we use takes all these inputs and outputs raw data, which is stored and accessed securely within a FedRAMP-authorized environment. All that data is logged and analyzed in real-time while a host of systems operate in the background to defend against malicious actors.

Finally, it all gets encrypted and exits the platform, travels through the open Internet, and crosses the threshold back into a given federal network through Trusted Internet Connections. There are many types of “federal networks” ranging from a wired wide area network at an agency’s headquarters to someone’s home Wi-Fi, accessed through a Virtual Private Network and managed by a trusted vendor.

You may still catch that interview on the radio, but you can also experience it anytime from any device.

Every one of these services must be procured correctly, and that’s what GSA’s contracts ultimately provide.

Shared services — effective and efficient

When done right, a complex resource like what I described above isn’t limited to one department, rather it’s a service that becomes easily available to every employee of the agency — a shared service.

The benefits of such an acquisition are enjoyed across the entire enterprise, and that might be the most exciting change — that government agencies are starting to plan and buy IT more as a single enterprise than a loose collection of disparate parts.

This is federal category management in action. Internally, we’ve restructured our program units to better support enterprise offerings like managed services.

What once was called our office of Telecommunications Services is now Enterprise Technology Solutions because customers increasingly want secure, simple, and flexible capabilities that run on top of traditional networks.

Shared services have both stayed the same and evolved. I have two of the original e-Gov services in my portfolio with USAccess and the Federal Public Key Infrastructure program. Agencies still rely on these offerings every day, and they go a long way to reducing duplication of effort.

GSA, here to help

Of course that’s only the first part of the question. What hasn’t changed is the hard work and dedication of public servants and industry partners working hand in hand to ensure each agency fulfills its mission.

Visit our website to learn more or use our IT Solutions Navigator to find the vehicle that’s right for you.

Follow ITC on Twitter and LinkedIn, and subscribe for blog updates.

Posted on

October is Cybersecurity Awareness Month

Blue promotional image with laptop, desktop, and mobile device clipart on the right side of the image. White text on the left reads "Is your agency cyber ready? GSA can help."

Is your agency cyber ready?

October is Cybersecurity Awareness Month and this year’s theme is “See Yourself in Cyber.”
Planning and executing a cybersecurity acquisition is a winding road. It can be daunting without a clear place to start. Federal agencies are challenged with navigating changing threat environments, new policy mandates, and an ever-evolving technology landscape. Acquisition professionals within the federal government have a large role in helping to protect our Nation’s networks and assets but don’t have to take this on alone. GSA offers convenient access to a range of resources to help identify requirements and create a plan, compare contract vehicles, and develop a solicitation to award a contract.

GSA is here to help “See Yourself in Cyber” and get your agency one step closer towards being cyber ready.

Current cybersecurity requirements

Executive Order (EO) 14028: Improving the Nation’s Cybersecurity and associated Office of Management and Budget (OMB) memoranda established critical policy goals federal agencies must follow. These goals include implementation of a Zero Trust Architecture (ZTA) and the adoption of Cybersecurity Supply Chain Risk Management (C-SCRM) practices within Information and Communication Technology (ICT) supply chains. Federal agencies have also been targeted in a number of high-profile cyber attacks resulting in new and evolving program needs to protect their networks from and respond to future attacks.

GSA offers multiple resources to help make sense of these new policies and program drivers and translate them into requirements for a solicitation:

  • GSA’s EO 14028 webpage and the Zero Trust webpage connect users with resources related to recent cybersecurity requirements.
  • GSA subject matter experts (SMEs) offer focused cybersecurity training that discuss many of the policy and technology drivers impacting the Federal cybersecurity marketplace.
  • GSA has multiple videos on cybersecurity on ITC’s YouTube playlist. Topics include use case scenarios for agencies seeking to procure cybersecurity solutions and the journey toward implementing a ZTA.

Buyer’s Guides

GSA offers a wide range of cybersecurity services and solutions. We know it can be difficult to select the right fit for your agency’s requirements. To help demystify this process, GSA developed a number of buyer’s guides that identify which solutions meet your agency’s specific cybersecurity needs:

GSA-offered cybersecurity services and solutions

GSA has several cybersecurity-specific contracting offerings, including:

  • The Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) on the Multiple Award Schedule Information Technology (MAS IT), established in collaboration with OMB and the Cybersecurity and Infrastructure Security Agency (CISA), which provides:
    • Proactive and reactive cybersecurity services.
    • A wide range of vendors capable of meeting your agency’s small business and socioeconomic contracting goals.
    • Access to technically evaluated cybersecurity vendors. Vendors must pass an oral-technical evaluation to be able to offer services through the HACS SIN.

If you have questions about whether your requirement fits within the scope of the HACS SIN, GSA SMEs are available to provide free and individualized consultations, and scope reviews.

  • The IT Professional Services SIN on MAS IT that offers agencies:
    • Access to pre-vetted IT solution providers.
    • Pre-negotiated prices that can be further discounted.
    • Established terms and conditions at the master contract level that can be customized at the task order level.
    • A diverse pool of vendors to help meet socioeconomic and small business contracting goals.
    • Two cybersecurity-specific subcategories: IT Backup and Security Services, and Information Assurance.
  • The Continuous Diagnostics and Mitigation (CDM) Tools. CISA maintains the CDM Approved Products List (APL), the authoritative catalog for CISA-approved CDM IT products. To purchase products on the APL, agencies can use:

Planning and procurement tools

GSA gives buyers an entire toolbox to guide the process of developing and releasing a solicitation, from market research to procurement.

  • GSA’s Market Research as a Service (MRAS) gives buyers access to rapid, targeted market research for their acquisitions at no cost. MRAS can be used to identify GSA contracts that might fit requirements, get information on vendor pools and market data, or compare and search products offered on GSAAdvantage!®.
  • Buyers can also use GSA’s IT Solutions Navigator to identify the right contract vehicles to meet cybersecurity needs. Users can select types of products or services to see a list of best-fit contract vehicles and solutions that meet requirements.
  • On GSA eLibrary, agencies can view vendor pools offered under different contract vehicles, review vendors’ terms and conditions, and view their socioeconomic designations and geographic locations.
  • The IT Security Hallway on the Acquisition Gateway displays multiple resources for government users in one convenient location. Users can access sample statements of work for the HACS SIN and a tool to help calculate Independent Government Cost Estimates (IGCE).
  • Agencies can also use GSA eTools, including GSA eBuy and GSA Advantage!® to initiate the procurement process and release documents to industry. On GSA eBuy, Requests for Information, Requests for Quote, and Requests for Proposals can be released to holders of the contract vehicle selected. On GSAAdvantage!® buyers can compare products and pricing to make purchases or view past solicitations released as a resource.

GSA offers continued support

GSA support doesn’t stop once you’ve released your solicitation. We are committed to providing support to agencies throughout the entire acquisition lifecycle. If you have questions related to an offeror’s submission, or need to clarify questions from industry, our experienced cybersecurity and contracting SMEs can assist. For SME support, contact the GSA IT Security Subcategory at ITSecurityCM@gsa.gov.

While cybersecurity acquisitions may seem intimidating at first glance, GSA offers plenty of resources to help demystify the process. If you need additional assistance, you can contact the Customer Service Director (CSD) dedicated to your agency and region, or your agency’s National Account Manager (NAM). CSDs and NAMs are a valuable source of information on GSA programs and can connect you with further support or training. To learn more about CSDs and how they can help, watch this video.

Follow ITC on Twitter and LinkedIn, and subscribe for blog updates.