Friday Flash 04.08.22

A Plan for National Cyber Hardening and Resilience

By Chris Williams & Robert Metzger

This week’s FAR & Beyond blog features two guest authors on national security. The comments herein do not necessarily reflect the views of The Coalition for Government Procurement.

The world confronts a turning point in Russia’s war against Ukraine.  Putin pursues annihilation and seeks to intimidate countries providing support to the Ukrainian people in their heroic struggle to retain independence.

Thus far, Russia has been relatively restrained in its use of cyberweapons. This will likely change. The sanctions imposed by the U.S. and its partners are taking a toll on Russia’s economy and its citizens, especially Putin’s autocrat cronies. The invasion has not fulfilled his expectations. It is not in Mr. Putin’s nature to take such punches without striking back.

Putin has threatened escalation, including the use of nuclear weapons. Russia has powerful cyber weapons with which to counterpunch. Putin has used them before in attacks on Ukraine, Georgia, and elsewhere. The West presents an inviting target set, to Putin’s thinking, spanning government, infrastructure, industry, services organizations and especially the financial systems that now are being employed against him.

No comfort should be taken from Russia’s seeming cyber “restraint” so far. And we should not lull ourselves into thinking that Russian cyberattacks will be transitory annoyances. SolarWinds and other attacks mounted by the Russian intelligence services and their proxies have informed and positioned Russia to conduct even more damaging attacks. Indeed, Russia can direct its cyber weapons to corrupt, degrade or destroy infrastructure and industry in the U.S. and elsewhere. The consequences could be harsh.

Putin knew the West would impose “severe” economic sanctions and invaded anyway. Thus, the hard truth is that present measures are unlikely to restrain Russia from cyberattacks that could take a heavy toll upon our industry and infrastructure, affecting our citizenry. And should China seek to take Taiwan by force, we must assume it will launch powerful cyberattacks against those who help defend the island.

President Biden has recognized the danger of Russian cyberattacks against the United States. On March 21, he issued a statement on our nation’s cyber security, which called upon private sector organizations to “harden your cyber defenses immediately” by implementing best practices. Yet, the statement was not accompanied by a willingness to provide funding to accelerate such measures.

Today the U.S. capability to defend critical infrastructures and key industries, including the Defense Industrial Base (DIB), is limited at best. An urgent and bold national effort is needed to harden and make more resilient the most important networks of government, critical infrastructures, and key industries.

“Operation Warp Speed” showed what our scientists and healthcare industry could achieve to protect the public against the dangers of COVID-19. Foreign cyber threats warrant an effort at a similar scale to protect our government, our economy, and our way of life from Russia, China, and other increasingly hostile actors.  Waiting until after the damage is done is not the responsible course. We could find ourselves in a situation where damages suffered are all but unrecoverable, diminishing the status and authority of the U.S. Government and calling into question its ability to provide basic services to the American people.

In 2021 Congress provided the Biden Administration with more than $7 trillion in new spending authority for a range of domestic programs. Yet national security was largely excluded. New funding and priorities are necessary.  We now live in wartime, as vividly demonstrated by daily events in Ukraine.

Business as usual is not acceptable. Distinct from strengthening our military capabilities, hardening our most important national infrastructures and key industries must be the centerpiece of a new bipartisan initiative.

Having completed an Omnibus Appropriations bill for the remainder of the current fiscal year, Congress must now turn its attention to how best to bolster our military capabilities and national cyber defenses. A key outcome of such deliberations would be to establish and fund a National Cyber Hardening and Resilience Program.

Such a Program would have three central purposes: (1) provide significant new funding to Federal departments and agencies to accomplish the objectives of Presidential Executive Order (EO) 14028 to move to the cloud, adopt zero trust architecture, and assure software security; (2) provide significant new funding to the responsible Federal departments and agencies to harden the sixteen critical infrastructure sectors; and (3) establish a Cyber Safety Fund to provide low-interest, potentially forgivable loans to industry, giving preference to small- and medium-sized enterprises to bolster cyber hardening and resilience immediately.

The funds needed to implement the Program would be allocated among the Department of Defense, the Department of Homeland Security’s Cyber and Infrastructure Security Agency (DHS/CISA), and the other sector-responsible departments and agencies. We propose that $100 billion be allocated to civilian agencies and the infrastructure sectors, $100 billion for the Department of Defense (DoD) for hardening critical DoD and national networks, and $50 billion for a Cyber Safety Fund. The funds should be designated as emergency expenditures and remain available until expended.

This level of funding is needed to fulfill the objectives of EO 14028. The undeniable reality is that accomplishing the goals of the EO will be very expensive, yet adequate funds have not been appropriated for this purpose.

The Program would promote our national economy by applying proven technologies from trusted U.S. sources to bolster the cybersecurity and resilience of critical U.S. Government and private sector infrastructures, the DIB, and commercial organizations that qualify for loans. Some projects will produce immediate results, reducing our present exposure. The funding will also enable departments and agencies, critical infrastructure operators, DIB companies, and other commercial enterprises to commit to, accelerate and execute larger-scale, longer-term actions that will significantly enhance the nation’s cybersecurity posture (e.g., moving away from legacy IT systems that are indefensible).

The National Cyber Director (NCD) and his team should be assigned the responsibility to coordinate the implementation of this initiative and to synthesize this program with other initiatives to create an enduring, coherent and transformative national cyber defense and resilience strategy. Working with DHS/CISA, DoD, and the other sector-responsible agencies, the NCD would set priorities for Federal funding and related activities and help guide this urgent national investment. This is precisely the priority mission Congress had in mind when it created the NCD position on a bipartisan basis. Primary responsibility for allocating the funds and managing associated programs would lie with the Secretary of Defense, the Secretary of Homeland Security, the Secretary of the Treasury (for the Cyber Safety Fund), and heads of other departments and agencies, with participation of the Office of Management and Budget, the General Services Administration, and the Small Business Administration.

Speed of implementation will be key. Here, Congress should empower Federal officials to utilize all available authorities to streamline procurement of such goods and services and avoid having the routine regulatory system stymie urgently needed actions to deploy cybersecurity tools and resources that U.S. industry can provide now.

One sub-project that deserves high priority is construction of a specially hardened and resilient network with security sufficient to enable continued core operations of the Federal Government even under the worst conditions imaginable. The Secretary of Defense should have responsibility for this national effort. The U.S. Government must continue to function in times of conflict, even after broadly disabling or destructive cyber or other attacks against Government networks and facilities and various critical infrastructures.

We recognize that additional cyber security and resilience funding is vitally important but by no means a panacea. Many additional actions are needed across multiple fronts to strengthen and sustain America’s cyber defense posture.

Some critics will say the nation cannot afford to fund such an initiative or that the Biden administration has other, more compelling priorities. Russia’s invasion of Ukraine demands that all prior assumptions be revised to reflect the imminent threat to the homeland.

In addition, we cite the President’s declaration in EO 14028 (issued months before Russia’s invasion of Ukraine):  “Incremental improvements will not give us the security we need; instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.” If we do not invest now to protect and defend, we will spend much more time and resources attempting to reconstitute and rebuild after disaster strikes.

In Ukraine, we are witnessing the determination of a proud people to resist an aggressor willing to escalate violence to achieve its political objectives. We know that use of cyber weapons to attack critical infrastructure is a primary tool of modern “asymmetric” warfare. We must expect and prepare for Putin, Xi, and other tyrants to escalate in the cyber domain.

We have been warned. We must harden our critical infrastructures and key government networks before it is too late. A bipartisan approach to achieving enhanced national cyber defense and resilience is both necessary and feasible. Who in Congress will step up to lead this effort?

Chris Williams served in various positions in the Department of Defense and in Congress. Robert Metzger is a nationally recognized attorney and expert on cyber security.

 

GSA Reorganizes FAS Leadership Roles

Federal News Network reported that the General Services Administration (GSA) is reorganizing senior executives within the agency. In an internal memo, GSA Federal Acquisition Service (FAS) Commissioner Sonny Hashmi outlined the leadership personnel changes as part of GSA’s Customer Experience (CX) strategy. These changes will take effect on April 24. 

  • Erv Koehler will be the new Assistant Commissioner of the Office of General Supplies & Services. In this role, he will support acquisition management, retail operations, supply chain management, personal property management, and modernization of legacy systems managed by the portfolio. Currently, he serves as the Assistant Commissioner of the Office of Customer and Stakeholder Engagement.  
  • Charlotte Phelan will be the new Assistant Commissioner of the Office of Enterprise Strategy Management. In this role, she will serve as the executive in charge of all FAS modernization efforts. Currently, she serves as the Assistant Commissioner of the Office of Travel, Transportation, and Logistics.  
  • Crystal Philcox will take over the role of Assistant Commissioner of the Office of Travel, Transportation, and Logistics, where she will oversee the strategic direction and oversight for the agency’s Offices of Fleet Management and Travel, Employee Relocation, and Transportation. She currently serves as the Assistant Commissioner of the Office of Enterprise Strategy Management.  
  • Bill Toth will now serve as the Assistant Commissioner of the Office of Customer and Stakeholder Engagement. He will be responsible for FAS customer outreach, research and analysis, stakeholder relationship management, and national account strategy and management to deliver value to agency customers. Currently, he serves as the Director of the Office of Fleet Management.  
  • Bob Noonan will be serving in a new role as Senior Advisor for Workplace Programs. In this new position, he will lead and coordinate FAS’ efforts in support of the future of the workplace. He will be in charge of developing solutions for Federal agencies as they move to a more remote/telework work environment. Noonan currently serves as the Assistant Commissioner of the Office of General Supplies & Services. 

Bill Introduced Prohibiting Federal Purchases from Companies that do Business in Russia 

On March 21, Representative Carolyn Maloney, Chairwoman of the House Committee on Oversight and Reform, introduced a bill that would prohibit the Federal Government from purchasing goods and services from companies that continue to conduct “business operations” in Russia. Specifically, the Federal Contracting for Peace and Security Act of 2022 prohibits heads of agencies from entering into, continuing, extending, or renewing “a covered contract to procure any product or service from a company conducting business operations in territory internationally recognized as the Russian Federation during the covered period of aggression.”  An exemption applies for the procurement of products and services for “humanitarian purposes to meet basic human needs.” The bill has been referred to the House Committee on Oversight and Reform and was marked up this week. 

 

GSA Outlines Next Steps for Ascend Cloud BPA

Federal Computer Week reported that GSA plans to launch a blanket purchase agreement (BPA) focused on cloud technologies as part of the agency’s mission to provide the Federal Government with a one-stop shop for commercial cloud offerings. According to FAS Commissioner Sonny Hashmi, GSA continues to review feedback from a November 2021 RFI, and plans to host an industry day and release a draft solicitation in the coming months. The new cloud initiative, which will be known as the Ascend BPA, aims to reduce administrative costs for providers as well as the burden on Federal agencies by eliminating the need for them to forecast demand and determine payment for cloud solutions on their own. Hashmi added that the Ascend BPA will be designed with a payment by consumption model and features new insights on Government spend data for cloud consumption.

According to the RFI released in November, the Ascend BPA will be rolled out on a competitive basis and divided into three pools: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS); Software as a Service (SaaS); and Cloud Professional Services.

 

VA Newsletter Highlights Record FSS Sales in FY21 

Last week, the Department of Veterans Affairs (VA) released its March Federal Supply Schedule (FSS) Service newsletter. The newsletter highlights the launch of the Office of Federal Contract Compliance Programs’ (OFCPP) new Contractor Portal which will serve as the Affirmative Action Program Verification Interface. The newsletter also includes an update from FSS Director Dan Shearer, who highlights a record setting year of contract support. According to Mr. Shearer, the VA FSS program achieved a record setting $16.14B in contract support in FY21 for the VA’s Federal agency customers and state and local governments. Additionally, he discusses efforts to improve collaboration with industry, specifically through the implementation of the Customer Experience (CX) initiative. Other sections of the newsletter include: 

  • FSS Working for You: Inside PMRS – Supporting the FSS Community 
  • Pharm Facts: Public Law Season Wrap-up 
  • Contract Corner: 2021 Year in Review 
  • Web Wisdom: Federal Customers 
  • Important: Transition to UEI from DUNS 
  • Did You Know… GSA YouTube Channel Resources 
  • Around the VA: Technology for Home Adaptations 
  • Training Center:  Understanding Tracking Customers 
  • FSS FAQ: How do I access quarterly VA Schedule sales data? 
  • IFF/ROS Reminder
  • Upcoming Training
  • Useful Web Links 

 

GAO Highlights Indian Health Services COVID-19 Response and Supply Shortage Strategy 

On March 31, the Government Accountability Office (GAO) released a report that reviewed how the Indian Health Services (IHS) used its COVID-19 relief funding and how the agency responded to the COVID-19 pandemic. Under the CARES Act, GAO is responsible for reporting on the Federal COVID-19 pandemic response.  

2.6 million American Indians and Alaskan Natives received healthcare from IHS. The agency received $9 billion in relief funding, which is around 50 percent more than its FY20 total budget. IHS funding is allocated to Federal, tribal, and urban Indian organization facilities. While IHS used the relief funding for protective equipment, COVID-19 healthcare services, testing supplies, and vaccine costs, the agency also used the funding to address longstanding concerns, which included  “replacing an obsolete electronic health records system, implementing a clinical video telehealth system, and funding dozens of sanitation and potable water projects.” By September 30, 2021, 62 percent of the relief funds were obligated, and 57 percent were exhausted.  

In April and May 2021, GAO surveyed IHS hospital officials who reported a shortage of supplies throughout the pandemic. On average, supply shortages lasted around four months or less. Some of the IHS hospitals experienced shortages of PPE and infection control supplies, COVID-19 testing supplies and medications, and COVID-19 medical equipment. IHS partnered with Federal agencies, such as the Federal Emergency Management Agency (FEMA) and Health and Human Services (HHS), to supplement its supply chain and efficiently acquire necessary supplies. IHS worked with FEMA to acquire products not available through traditional sources. HHS and IHS formed a formal partnership to ensure IHS hospitals had COVID-19 emergency PPE. After experiencing supply shortages for the first 14 months of the pandemic, most of the IHS hospitals, currently, have adequate supplies and feel confident that they will last into the future.  

 

GSA Announces MAS Refresh #11 

On April 6, GSA announced Multiple Award Schedule (MAS) Solicitation – Refresh #11 will be issued on April 11, 2022. Refresh #11 will revise FAR Clause 52.223-99, Ensuring Adequate COVID-19 Safety Protocols for Federal Contractors, and applies the Supplement to Class Deviation CD-2021-13 for Executive Order 14042 Injunctions. The Refresh and the Supplement are being issued in accordance with the injunction from the United States District Court of Arizona that prohibits the inclusion of the COVID-19 vaccine requirement for Federal contractors and subcontractors domiciled or headquartered in Arizona, or where work will be predominantly completed in Arizona. GSA stated that FAR Clause 52.223-99 is considered to be self-deleting: 

  • in any contract or order issued after February 10, 2022, that meets one or both of the following criteria: (1) an entity domiciled or headquartered in the state of Arizona, including the state of Arizona, or any of its agencies, is a party to the contract, or (2) work under the contract is to be performed principally in the state of Arizona.  
  • for extensions, options or renewals, if work is either principally performed in Arizona, or where a party is headquartered or domiciled in Arizona.  

Any feedback on MAS Refresh #11 can be submitted on the Interact post 

 

In Loving Memory of Geraldine Watson

The Coalition for Government Procurement is mourning the loss of our dear friend and colleague, Gerri Watson. She was a beloved partner and friend to so many of our members and the Coalition staff. We send our thoughts and prayers to her family and would like to share the following internal message with permission from GSA.

It is with a heavy heart that I share the news regarding our dear friend and colleague, Geraldine (Gerri) Watson, who passed away last week.  

Many of you will remember Gerri in her role as the Deputy Regional Commissioner for FAS Region 10 where she assisted the Regional Commissioner/Professional Services Category Manager in managing the operations of the new Professional Services Category Team. During that tenure, Gerri received a Lifetime Acquisition Excellence award (2015) for her “longtime commitment to improving the federal acquisition system.” Gerri retired in 2017 with more than 35 years of government service. 

While Gerri’s career and commitment to the mission are legendary, many of you will remember Gerri as a dear friend who always greeted you with a smile, enthusiastically embraced holiday cheer, i.e. dressed head to toe in shamrock green on St. Patrick’s Day or sporting an “Ugly Sweater” for Christmas, and whose laughter and positive energy enveloped a room and those of us in it.  

As I receive more information about services for Gerri, I will of course share it.   

Our hearts go out to Gerri’s family at this very difficult time. Please keep them in your thoughts. 

Sheri Meadema
Deputy Assistant Commissioner
Professional Services and Human Capital Categories
Federal Acquisition Service  

     

 

Legal Corner: HUBZone Principal Office Flexibility Ends April 1

Authored by John Williams, PilieroMazza

The Legal Corner provides the legal community with an opportunity to share insights and comments on legal issues of the day. The comments herein do not necessarily reflect the views of The Coalition for Government Procurement.

The Small Business Administration’s HUBZone office will soon end the principal office flexibility it introduced during the COVID-19 pandemic. Starting April 1, 2022, firms will no longer be able to count employees who spend most of their time working at home as a principal office employee. HUBZone firms need to be mindful of this as they prepare for their 2022 recertification and manage their HUBZone eligibility going forward. Below, we review the changes announced by SBA and offer our recommendations for dealing with them.

Early in the COVID-19 pandemic, the HUBZone office implemented very helpful measures to assist firms in satisfying the principal office requirement at a time when teleworking was mandatory. PilieroMazza wrote about them here. These flexibilities permitted HUBZone firms to consider teleworkers as principal office employees as long as they met specific requirements. The flexibilities also allowed HUBZone firms to count new hires as principal office employees as long as those employees would have worked from the principal office if teleworking hadn’t been imposed due to COVID-19. We saw firsthand how these measures assisted numerous HUBZone firms in maintaining their HUBZone eligibility during the pandemic.

With life steadily returning to normal (knock on wood), SBA decided to end the COVID-19 flexibilities for the principal office requirement as of the end of  this month. This means that, whether it’s a new hire or an existing employee, the employee will need to spend most of their time physically working from the principal office location to count as a principal office employee.

While the pandemic may be receding, the pandemic’s impacts on how we work—and where we work—seem likely to stay with us much longer. In this regard, SBA’s decision to end the flexibilities for the principal office requirement is disappointing. The reduced overhead expenditures and increased productivity often associated with teleworking have greatly benefited many small businesses. Given the HUBZone program’s goal of focusing on businesses located in underutilized areas, we would argue that maintaining a business location in a HUBZone area serves the spirit and intent of the program even if the people working from that location spend most of their time working at home. Ideally, the principal office requirement would be sufficiently flexible to allow HUBZone firms to count an employee as a principal office employee if the employee considers the principal office as their main office location, and the company has a workspace dedicated to that employee, regardless of how much time the employee decides to spend working from home versus in the office.

We hope that over time the principal office requirement will evolve to better account for the new realities of teleworking in a post-COVID world. Until then, HUBZone firms will need to make sure they have enough people coming physically into the principal office location to satisfy the principal office requirement.

If you have questions about this client alert or would like assistance preparing for your HUBZone recertification, please contact Jon Williams in PilieroMazza’s Government Contracts Group.

 

Healthcare Spotlight: Ineligible Healthcare Providers Found in VA Community Care Program

This week, the Government Accountability Office (GAO) testified before members of the House Veterans’ Affairs Committee on their findings from a recent report on the Veterans Community Care Program (VCCP). GAO found that VCCP controls were often inadequate in ensuring that only eligible healthcare providers were able to participate in the program. In its review, GAO identified approximately 1,600 healthcare providers who were ineligible to work with the Federal Government (of 800,000 providers assessed). These healthcare providers were ineligible because they had revoked or suspended medical licenses, appeared in SAM.gov’s exclusions file, or failed to meet other VCCP criteria. While the number of ineligible providers represented a small percentage of the total number of healthcare providers that may receive referrals through the VCCP, GAO and the House Veterans Affairs Committee members are concerned about the potential risks to veterans. In addition, veterans seeking care from community providers has grown in recent years. GAO reports that, “[a]ccording to the VA, the number of veterans who received community care from non-VHA providers increased from approximately 1.1 million in 2014 to 1.8 million in 2020.”

VHA and the two Third Party Administrators (TPAs), that are contracted to develop and manage the VCCPs network of providers, are responsible for managing the networks of healthcare community providers. While VHA and the TPAs have controls in place to identify eligible healthcare providers, the existing controls proved to be inadequate in some instances. For example, GAO found that VHA did not conduct some automated checks on a monthly basis as expected.

The following chart shows the eligibility requirements for the VCCP:

The primary resources that VHA and TPA contractors use to screen for ineligible providers are:

See page 4 of the GAO’s March 30th testimony for more details.

The 1,800 ineligible healthcare providers that GAO identified in its report included:

  • 27 providers who appeared on the Department of Health and Human Services (HHS) Office of Inspector General (OIG) List of Excluded Individuals and Entities (LEIE) exclusions list;
  • 16 providers who appeared on the U.S. General Services Administration (GSA) System for Award Management (SAM) exclusions file;
  • 601 deceased providers listed on the HHS National Plan and Provider Enumeration System (NPPES) monthly NPI deactivation file;
  • 216 providers with revoked licenses;
  • 796 providers who surrendered their licenses in response to investigation; and
  • 37 providers who had a fraud-related judgement or conviction.

In December 2021, GAO made 10 recommendations designed to strengthen existing controls and ensure that they are consistently enforced. The House Veterans Affairs Committee is also considering the Improving Oversight of VA Community Care Providers Act of 2022 (HR 7277) to address weaknesses in the VCCP program.

 

Discounted Training Offerings for Coalition Members

To complement the Coalition’s current education and training offerings, we have partnered with Federal Publications Seminars (FPS) to provide even more online training courses to our members at an affordable price.

FPS will provide Coalition members access to an annual training subscription to both the FPSOnline Professional and FPSOnline Premium curriculum for $395 and $1,795 per person/year, respectively. These fees represent nearly a 50% discount off the FPS retail price of each online curriculum.

The FPSOnline Professional subscription, regularly priced at $795, includes unlimited access to all live and on-demand webinars and webinar series. There are more than 550+ webinars in the on-demand library, and 100+ live webinars and series produced each year. The discounted subscription can be purchased here FOR $395 using this promotional code 395THECGP2022.

The FPSOnline Premium subscription, regularly priced at $2,495, includes the Professional subscription benefits listed above plus unlimited access to 150+ live and on-demand 1-5-day virtual training courses which are offered annually. The discounted subscription can be purchased here for $1,795 using this promotional code  1795PREMCGP2022.

Other highlights include:

  • 8-12 NEW live webinars offered each month; most of which are CLE/CPE approved;
  • Live virtual 1-5 day training courses offered annually and in the classroom;
  • Live webinars and on-demand courses are usually 60-90 minutes in length and cover everything from emerging hot topics to more substantive compliance and regulatory issues like CMMC – What this Means for IndustryCost Accounting StandardsEffective Ethics Programs for Suppliers, and FAR Part 37 – Service Contracting
  • A wide collection of government contracting related resources, white papers and job briefs; and 
  • Downloadable course completion certificates.  

(Please note, FPS Classroom Courses, Certificate Programs, and FPSCustom training are not included in the FPSOnline Professional or Premium subscriptions and may be subject to additional charges from FPS.) 

For more information about this member benefit, please contact Matt Cahill at mattcahill@thecgp.org.

 

Off the Shelf: IT Category Management in the Federal Space 

Laura Stanton, the Governmentwide IT Category Manager and Assistant Commissioner for the IT Category in GSA’s Federal Acquisition Service, joins host Roger Waldron on this week’s Off the Shelf for a wide-ranging discussion of IT category management’s operating principals, goals, and impact across the Federal space. 

Listen to the full episode here 

 

State Department Forms Bureau of Cyberspace and Digital Policy 

According to Federal Computer Week, the Department of State will establish a Bureau of Cyberspace and Digital Policy (CDP). The office will concentrate on digital modernization in the Federal Government with focus areas that include national security, economic development, and digital technologies. According to the State Department’s website, the CDP will coordinate “the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace and advance policies that protect the integrity and security of the infrastructure of the Internet, serve U.S. interests, promote competitiveness, and uphold democratic values.” Secretary of State Anthony Blinkin added that the office will incorporate emerging technologies into policy decisions.  

 The CDP will be headed by Jennifer Bachus, the former Deputy Chief of Mission at the U.S. Embassy in Prague, Czech Republic, and will include three distinct policy offices – International Cyberspace Security, International Information and Communications Policy, and Digital Freedom. 

 

GSA Looks to Grow Login.gov 

According to Federal Computer Week (FCW), GSA aims to scale the use of Login.gov. Login.gov provides Federal Government websites with authentication and identity proofing and allows the public one account to access all online Federal Government websites securely. GSA wants to increase the number of active users from 16 million to 41 million. Login.gov launched with several partners in FY21, and GSA is planning more launches in FY22.  

While GSA plans to increase the number of participating Federal agencies and programs using Login.gov, the agency still has not decided on whether to use biometrics in its “authentication and identity verification system.” Currently, GSA has eliminated the use of facial recognition due to concerns about discrimination with the technology. GSA wants Login.gov to be a one-stop shop for accessing Government services online, but does not want to compromise sensitive information.   

According to FCW, a GSA spokesperson confirmed that the agency does not want “to use facial recognition, liveness detection, or any other emerging technology in connection with government benefits and services until rigorous review has given us confidence that we can do so equitably and without causing harm to vulnerable populations.” 

The agency has a goal to increase identity verification rates throughout all demographics. GSA has allocated $187 million to Login.gov through the Technology Modernization Fund. Some of the funding will be used for cybersecurity as well as the addition of in-person options for identity verification. 

 

Unique Entity ID Replaces DUNS Number  

According to a notice posted by GSA, as of April 4, the Unique Entity ID from SAM.gov will be the authoritative identifier for companies doing business with the Federal Government. The DUNS Number is no longer valid for Federal award identification. All entities registered in SAM.gov already have a Unique Entity ID which is viewable on the site. Entities new to SAM.gov will receive their Unique Entity ID during registration. The following changes became live on April 4: 

  • The DUNS Number has been removed and the Unique Entity ID is now the identifier of record for all entities in IAE systems; 
  • SAM.gov generates the Unique Entity ID, which will be used in Federal award systems; 
  • SAM.gov searches, contract data, ad hoc reports, Application Programming Interfaces (APIs), and extracts use the Unique Entity ID. DUNS numbers will no longer be found in any SAM.gov searches, views, or extracts; 
  • Entities now make updates to their legal business name and physical address through SAM.gov. Once you select “Create Incident” through the update entity information workflow, you will monitor the status of your ticket in your SAM.gov Workspace or in the Federal Service Desk (FSD.gov) instead of going to Dun & Bradstreet; and 
  • Entities registering for the first time will be assigned a Unique Entity ID as part of the registration process. 

For more information about what entities can do now that the Unique Entity ID is in effect, click here. 

 

GSA and EPA Release Greenhouse Gas Emissions Webinar Series for FAS Contractors

GSA and the Environmental Protection Agency (EPA) have launched a series of webinars for Federal contractors on managing greenhouse gas (GHG) emissions. Executive Order 14030 instructs the Federal Acquisition Regulatory (FAR) Council to consider amending the FAR to require major Federal suppliers to publicly disclose their greenhouse gas emissions and climate-related financial risk and to set reduction targets. These webinars help to familiarize Federal contractors with the current policy landscape regarding GHG Management in Federal acquisition, understand the GHG inventory development process, access EPA resources, and identify opportunities to reduce their GHG emissions.

For more information from GSA on the agency’s efforts related to GHG emissions, read this 2021 blog post by Mark Lee, Assistant Commissioner of the FAS Office of Policy and Compliance.

 

Webinar: Foreign Sourcing and Supply Chain Issues, April 12     

The Coalition is pleased to host an upcoming webinar on Foreign Sourcing and Supply Chain Issues. This webinar will take place on April 12 from 12 -1 pm EST and will feature speakers from Covington, including Susan Cassidy, Partner; Mike Wagner, Partner; and Anna Menzel, Associate.     

The recent stress on worldwide supply chains is causing contractors to look for new sources of supply. This webinar considers the implications of U.S. Government sourcing obligations when making supply chain adjustments, including the requirements of the Trade Agreements Act, Buy American Act, limitations on using certain foreign telecommunications equipment (even if such equipment is not sold to the U.S. Government), and other emerging sourcing requirements and restrictions in this time of intensifying U.S.-China tension. The three presenters will review the sourcing limitations imposed by the U.S. Government and address the need to update certifications and contract documents when making changes to the supply chain.     

Click here to register.    

 

Upcoming Coalition Meetings  

The Coalition is pleased to announce a full schedule of upcoming meetings in April for members. Please join us for the following meetings: 

*To RSVP for any of these virtual meetings (excluding the April 6 Furniture Committee meeting), please contact Michael Hanafin at mhanafin@thecgp.org. 

Healthcare Committee Meeting with VA OIG on FSS Preaward Reviews, April 12  

On April 12 at 10 am EST, the Healthcare Committee will host a virtual meeting with the VA Inspector General’s Office on its recently published Summary of Preaward Reviews of VA FSS Nonpharmaceutical Proposals. Our guest speaker will be Michael Grivnovics, Director of the Federal Supply System Division, Office of Contract Review in the VA Office of Inspector General (OIG).  Mr. Grivnovics will discuss the OIG’s findings, and most importantly, lessons learned for contractors— e.g., how to ensure that commercial disclosures are more accurate, complete and current from the OIG’s perspective. 

Green Committee Meeting on Sustainability Requirements and Trends, April 19

Please join the Coalition for its next Green Committee meeting on April 19 at 10 am EST for an update on Sustainability requirements and trends for Federal contractors. Our guest speaker will be Paul Freeman, Partner, with Crowell & Moring. The discussion will include potential greenhouse gas (GHG) reporting requirements for major suppliers.

IT/Services Committee Meeting with GSA’s IT Category Part 2, April 26 

The Coalition will be hosting its second virtual IT/Services Committee Meeting with GSA’s Office of Information Technology Category team on April 26 from 11 am – 12 pm EST. Guest speakers for this meeting will be Cheryl Thornton-Cameron, Executive Director, Office of Acquisition Operations, and Larry Hale, Acting Director, Office of IT Services. During the meeting, they will provide an update from GSA’s Office of IT Category. Please submit any questions or topics for the meeting to Michael Hanafin at mhanafin@thecgp.org.