The Pentagon uses this procurement mechanism to enable components more flexibility than traditional funding pathways do. OTAs are also seen as a way to support small companies carrying out technology-driven prototype, research, and production projects for the government and military.

“Nevada is at the forefront of innovation, but small businesses need more support to enter the defense sector. My bill ensures the federal government is helping new small businesses get the funding they need to succeed in this industry by bringing much needed oversight to OTA awards,” Cortez Masto told DefenseScoop in an email on Thursday.

If passed, it would mandate the undersecretary of defense for acquisition and sustainment to set up a pilot program for DOD to properly “track the number and amounts awarded to small businesses and nontraditional defense contractors performing on transactions using other transaction authority, including those carried out through consortia,” according to the proposed bill’s text, which was shared with DefenseScoop.

The legislation would require the directorate to brief appropriate congressional committees regularly over the next five years or so, on the overarching process and the awards data that the pilot program captures.

“Not later than September 30, 2029, the Department shall provide a briefing to the Committees on Armed Services of the Senate and the House of Representatives on the final data collected and shall include any recommendations to make the data collection permanent,” the bill states. 

Notably, a pilot of this type marks a key recommendation that the Government Accountability Office presented in its 2022 report that put a spotlight on needs for improving OTA management.

“As DOD continues to rely on OTAs, Congress must increase reporting requirements and oversight over the program to prevent fraud and abuse. Cortez Masto’s legislation will help DOD use its OTA tools more effectively, improve the way it tracks where OTA award dollars are going, and make it easier for small businesses to engage with DOD to foster innovation and strengthen our national security,” a spokesperson for the senator told DefenseScoop. 

Beginning Friday, both congressional chambers are in recess through Sept. 9.

The post Senator urges more oversight, data tracking on defense OTAs  appeared first on DefenseScoop.

The Government Accountability Office, in another examination of how the DOD uses rapid authorities to get capabilities on contract, assessed that the Pentagon has more work to do in the transparency department, but acknowledged it has made progress.

In recent years, the DOD has made significant use of other transaction agreements, or OTAs, which exist mostly outside the traditional contracting process. This allows the DOD greater flexibility to get capabilities developed faster, albeit, with less oversight and requirements than with existing federal acquisition regulations.

These OTAs can go to individual companies or to consortiums, which can be composed of defense contractors, nontraditional companies, non-profits or academic groups. They typically specialize in a particular technological area.

The majority of OTAs in recent years went to consortia, GAO found, with $24 billion between fiscal 2019 and 2021, specifically for prototyping efforts to include the COVID-19 vaccine. Moreover, most of the 28 consortia awarded during this time were only managed by four organizations.

GAO found that there is limited insight into these organizations, which could hinder efforts for oversight and improvement.

“Despite DOD’s increased use of consortia-based OTAs in recent years, DOD and decision makers have limited insight into these OTAs, including who receives them. We and the DOD Inspector General previously recommended that DOD provide additional guidance and greater transparency and oversight to help manage the risks associated with consortia-based OTAs,” the report stated. “DOD has collected some data on consortia-based OTAs, but it does not have data on the obligations each consortium has received because it does not have a systematic approach for tracking which consortia receive awards.”

Insight into these awards is critical to determine if these consortia are accessing cutting-edge technologies to help deliver capabilities, GAO said.

“[T]he lack of centralized information-sharing puts the onus on contracting personnel to develop their own practices or rely on ad hoc outreach to others to identify key considerations for planning prior to the award of consortia-based OTAs,” according to the report. “DOD is missing an opportunity to leverage the knowledge, experience, and lessons learned of its contracting personnel who have awarded consortia-based OTAs to better inform future awards, including considerations for structuring consortia-based OTAs, negotiating [consortium management organization] compensation, and whether to use an existing consortium or not. Sharing such information across the department will better position DOD’s contracting workforce to use its OTA tools more purposefully and effectively, resulting in better use of taxpayer dollars and increased capabilities delivered to the warfighter.”

GAO provided a series of six recommendations, including the development and implementation of a systemic approach to track obligated dollars consortiums receive. But until then, information should be provided to the public on dollars awarded including updating DOD guidance to require contracting personnel to manually report the information.

The watchdog also recommended collection and documentation on negotiating consortia management organization and compensation, collection and documentation on creating new consortia and maintaining a list of current consortia to include information on management and technology area focuses.

GAO noted that DOD concurred with all of its recommendations and prescribed plans to address them.

The Army, which has obligated the most in OTAs across all the services, has said it wants to ensure it is effectively using its contracting authorities.

“Having previously served in [Assistant Secretary of the Army for Acquisition, Logistics, and Technology] coming into this role, it was important for me to assess along the major programs of record and prototyping efforts we’ve got, how are we doing in terms of using those rapid acquisition authorities, making effective use of OTAs and bridging over to a fully fielded system,” Gabe Camarillo, undersecretary of the Army, told reporters following an address at the Potomac Officers Club Army Summit in August. “I’m cautiously optimistic, I should say, on our progress, just given the number of programs that are beginning to transition this last year and going into next year.”

The post DOD still has work to do on OTA transparency, per GAO appeared first on DefenseScoop.

Bringing the classified network into the Thunderdome initiative — which is aimed at helping the Department of Defense move toward a zero trust architecture — is a major evolution for the program.

“The six-month extension is essential to allow DISA additional time to expand the Thunderdome pilot to include the Secure Internet Protocol Router Network and complete development, testing and deployment planning for the original unclassified prototype,” the agency said in a July 28 press release.

In January, DISA announced that it had awarded a $6.8 million Other Transaction agreement (OTA) to Booz Allen Hamilton for Thunderdome prototyping, with a six-month development timeline. The recently announced extension of the pilot will push the expected completion date to January 2023.

The agency said the ongoing Ukraine-Russia war — which began in February and has reportedly included cyberattacks from both sides — underscores the importance of securing systems like the SIPRNet, which is used globally by the Pentagon and the U.S. military to transmit secret information.

“While we have been working on developing a zero trust prototype for the unclassified network, we realized early on that we must develop one, in tandem, for the classified side. This extension will enable us to produce the necessary prototypes that will get us to a true zero trust concept,” DISA Deputy Director Christopher Barnhurst said in a press release July 28.

The SIPRNET framework “is antiquated and needs updating,” according to the release.

“Thunderdome will be a completely comprehensive and holistic approach to how the network operates — a major shift from the current architecture,” it added.

The new capability’s “secure access service edge” is expected to integrate with DISA’s Cloud Defensive Cyber Operations, Enterprise Comply to Connect, and Identity, Credential, and Access Management solutions.

“While Secure Internet Protocol Router Network is undergoing a number of modernization efforts led by DISA, the Thunderdome prototype is an important part of the SIPR redesign process and will provide SIPRNet with the security benefits of a zero trust architecture. During this extension period, DISA will design and implement a SIPR zero trust production solution that is focused on improving and better securing the SIPRNet core infrastructure. This will provide DISA with improved visibility to ensure that people cannot access documents that they do not have the need to see,” the agency said in the release.

In an executive order last year, the White House directed federal agencies to develop plans for implementing zero trust. The directive was part of a larger push to modernize the U.S. government’s cybersecurity in the wake of cyberattacks that compromised federal agencies through the exploitation of software.

Jason Martin, digital capabilities and security center director at DISA, told reporters in April at AFCEA’s TechNet Cyber conference in Baltimore, that Thunderdome will “fundamentally change” the Defense Information Systems Network (DISN) and the way that the Department of Defense Information Network (DODIN) interoperates with the DISN.

“I think those are all obviously critically important to what we’re trying to do across the department,” he said.

DISA is developing a departmentwide strategy for transitioning the DOD from today’s cybersecurity frameworks and tools to Thunderdome or other zero trust solutions.

The six-month extension of the OTA with Booz Allen Hamilton will give DISA additional time to work on the strategy; conduct operational and security testing beyond what was planned for in the initial Thunderdome pilot; and mitigate the overall risk of deploying zero trust capabilities, Martin said in the release.

Booz Allen Hamilton declined to comment.

The post DISA expanding Thunderdome cybersecurity project to include classified network appeared first on DefenseScoop.

In a study by George Mason University’s Center for Government Contracting on Wednesday, experts argue that consortia are playing a pivotal role in high-profile and other Defense Department acquisition efforts, and particularly those associated with other transaction authorities (OTAs).  

A consortium typically refers to a group of entities that forms an agreement to cooperate on hard-to-solve problems and achieve common objectives.

But the new research also suggests that DOD must improve how it captures and uses data to fully harness the value of such cadres. 

“It is my sense that the data is not strategically being used on an enterprise level at DOD [regarding consortia]. So, while there may very well be pockets of places that have data on these contracts, or those contracts, or this consortia — or even this area, right, — it is not flowing up in a constantly comprehensive way. That’s step one,” Moshe Schwartz told FedScoop. “And step two, it’s not then being used to inform decision-making.”

Schwartz, a procurement expert who previously served as Executive Director of the congressionally mandated Advisory Panel on Streamlining and Codifying Acquisition Regulations, is now President of Etherton & Associates. He and Stephanie Halcrow — an external advisor to the Department of Defense’s Acquisition Innovation Research Center, senior fellow at GMU’s Center for Government contracting and former Professional Staff Member on the House Armed Services Committee (HASC) — provided FedScoop with a first look at this new research they co-authored, ahead of its publication. 

Halcrow noted that during her time as a Congressional staffer, she had so many questions about the process and impact of consortia that seemingly didn’t have answers. “So I thought, this is the report that we want to write that I always wanted to read when I was on the committee,” she said.

In their study, the officials identified 42 consortia supporting agreements, as of May 2022. Of those groups, 38 support the DOD, and four are working with other federal agencies — and 12 of the overall 42 contributed data that informed the experts’ review. 

“I think the biggest challenge that we found in writing this report was getting access to the data to support our findings,” Halcrow explained. “The data exists — but it is not publicly accessible in an easy way.”

Despite that issue, the report incorporates a complete history of the Pentagon’s work with consortia, how the group’s are typically composed and insights into some of the technologies they’ve recently enabled for national security purposes. Three specific use cases depicting consortia-enabled technological innovation are also included. 

In one, DOD used its existing relationship with a medical defense consortium to solicit advanced research and manufacturing of 100 million doses of a vaccine to combat COVID-19. 

“That is so much bigger than DOD, but without the consortia it would never have happened,” Halcrow said.

Ultimately, Halcrow and Schwartz found that consortia bolster engagements between government and non-federal players, expand the defense industrial base — and, in some circumstances, they can significantly speed up acquisition timeliness and promote innovation. 

The co-authors conclude the report by providing seven specific recommendations to improve how DOD benefits from consortia going forward. At the top of that list is their suggestion associated with that gap in data: “improve visibility and transparency.” 

“Part of the conversation around consortia and OTs has been about a lack of transparency and lack of visibility — and one of the questions was, ‘is it that there is no data?’” Schwartz said. But the research showed that “by and large, that data is there and people are generally willing to share it, particularly on the industry side,” he added, “so, let’s see what we can start exposing.”

Among other recommendations, the co-authors also suggested that DOD avoid additional regulatory burdens that could limit consortia, and focus on improving technology transition.

The two are planning an event at George Mason University soon to highlight their findings for the public.

“We would love to talk to as many people about it as possible — be they DOD, industry, academia, Congressional staff, or agencies — because we believe this is an important issue that all of them are interested in,” Schwartz said. “We would love to, I think, do more work in this area both in other events, as well as possibly a follow-on report. So, we’re already talking about that amongst ourselves and seeing if there are opportunities there.”

The post George Mason experts urge DOD to improve how it uses data from tech consortia appeared first on DefenseScoop.

Specifically, the award is for so-called hunt-forward operations, which involve physically sending defensively-oriented cyber protection teams from the Cyber National Mission Force to foreign nations to hunt for threats on their networks at the invitation of host nations.

Sealing Technologies’ prototyped solution was awarded funding through an other transaction authority agreement (OTA) through the Defense Innovation Unit, the company said.

The equipment will support automated deployments, configurations and data flows for cyber ops. It is modular in self-contained units that can be carried on commercial aircraft, according to the company.

“SealingTech’s kit is designed to be modular so it can be configured for mission requirements and optimized for enhanced performance characteristics,” said Angie Landress, program manager at Sealing Technologies.

Recently, working with industry and academia, Cyber Command was able to develop new kits for hunt-forward operations that allow them to observe malicious cyber activity on more networks faster, Holly Baroody, deputy to the commander of the Cyber National Mission Force, said during an event hosted by AFCEA’s D.C. chapter Wednesday. It wasn’t immediately clear if she was referring to Sealing Technologies’ capability.

Hunt-forward operations are a key pillar of Cyber Command’s persistent engagement operating concept, which posits constant contact with adversaries to cause them friction in their attempts at malicious behavior aimed at the U.S. homeland and partner nations.

“Through our hunt-forward operations, we’re able to detect and identify adversary malware and techniques, often before it’s used against the United States … We go where the intelligence tells us there’s a shared threat to our homeland,” Baroody said. “We then share that with the partner nation so that they can take the necessary steps to secure their networks. We also share our findings with other government partners like FBI, DHS CISA, as well as private industry, arming them with the information to bolster the defense of our homeland.”

These operations also require important relationship and trust building with partners in order to place sensors on their networks to observe traffic.

Since 2018, Cyber Command has deployed teams more than 28 times to 15 nations on over 50 networks, Baroody said, including to Ukraine and NATO countries to bolster defense against Russian cyberattacks.

As part of its efforts to cause friction for adversaries, the Cyber National Mission Force will release information about malware discovered during these hunt-forward operations to expose enemy tools and warn the broader cybersecurity community.

To date, the force has released over 90 malware samples, Baroody said.

“We leverage the industry standard of VirusTotal to ensure the industry partners can strengthen their networks and that the tools our adversaries employ can be inoculated against — essentially removing it from their arsenal,” she said.

The post Cyber Command awards nearly $60M contract for ‘hunt forward’ operations appeared first on DefenseScoop.