GSA and DIU work together to onboard non-traditional entrepreneurs
The best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews at Apple podcast or Podcast One.
The government’s civil and defense parties have taken a big step together to bring the Department of Defense’s innovative and non-traditional contractors into the mainstream of federal contracts. It takes the form of an agreement between the Defense Innovation Unit and the General Services Administration. The GSA is in the process of moving a dozen of these companies from the IUD prototype list to the GSA Multiple Award Schedules program at the ACTIAC Emerging Technology conference in Cambridge, Maryland, GSA Senior Technology Advisor Sam Navarro, shared details about the Federal Drive with Tom Temin.
Sam Navaro: We talked today about improving digital transformation and innovation in the government space, one of the things we want to do is take good ideas and roll them out across government . Thus, the Defense Innovation Unit is now a key partner in attracting small innovative companies and showing that they have a proof of concept to add value in the defense space. So we just signed a brand new contract to make sure these vendors and their capabilities are available for use by our civilian counterparts. And so we’re excited to speed them up the timeline as quickly as possible, so their abilities are available to civilians.
Tom Temin: So these are suppliers who have gone through DIU, perhaps on an OTA now graduating them, if you will, towards regular federal acquisition according to schedules?
Sam Navaro: Yes. And as we know, OTAs have their constraints. And the constraints are there for prototyping the proof-of-concept type of work. So, when you want to scale this work across the enterprise, it helps if they use a government-wide solution. And that’s the value we want to bring to the table.
Tom Temin: These are companies that are not otherwise on the schedules or on any, let’s say GWAC that you may be familiar with. These are absolutely new to the federal market via IUD?
Sam Navaro: Yes that is correct. And we could speed them up. They have a sponsor, so we could put them on much faster. We are looking at at least 15, anywhere to 30 days to get them on schedule so they are readily available for government competition.
Tom Temin: How many companies are we talking about here?
Sam Navaro: At the moment we are looking at about ten of them, with whom DIU works, but they are constantly recruiting innovative companies. And our goal is as soon as they prove their worth to the government, we ship them to our site on schedule.
Tom Temin: Well, give us some examples. I mean, can you name a few men what they brought to IUD?
Sam Navaro: Yes, and precisely so as not to get into endorsements, I will not say precisely which companies, but we are looking at six different areas of intervention. The area in particular is AI and ML. And in the field of robotics, there have been a lot of use cases where they have been innovative in the DoD space. And when you think about AI, ML, and robotics, we just had the CTO of DHS here today. And there are many concepts for customs and border patrol or to protect federal agents from different scenarios where robotics can be applied, globally.
Tom Temin: Yeah. So in some ways the Department of Defense mission in that sense resembles the DHS mission in terms of tactics and requirements and field work and so on.
Sam Navaro: Precisely.
Tom Temin: When you say these companies that have a sponsor, would that be the IUD?
Sam Navaro: Yes, yes and Mr. [Michael] Brown, who is in charge of the DIU, signed an agreement with Laura Stanton, who is the associate commissioner of the ITC, and they set out the critical parameters to get results for the government. So they want to make sure that in all six focus areas, we get providers in the emerging tech space, which citizen service agencies can also tap into and benefit from.
Tom Temin: And how do you make sure that just getting on schedule doesn’t become a valley of death for them? There are 50,000 vendors on the schedule, you add 12 more in the ocean. Is there a way, again, you can’t enact certain corporations, you’re the arbiter, but how will anyone know about them?
Sam Navaro: Excellent question. The GSA therefore has a Customer and Supplier Engagement Office. And so we’re working with them to make sure that the use cases that they’ve been able to apply in the defense space align with the civilian space by engaging agencies. So we’re looking to make sure that we’re proactive in engaging agencies that have use cases that align with those vendors, not to endorse any particular vendor, but to let them know that we have vendors of emerging technologies that might be able to meet their needs, then compete with each other.
Tom Temin: What about the GSA from time to time holding conferences and training sessions for vendors and helping them work their schedules better, so they can attend?
Sam Navaro: That’s right. And we also want to not only accelerate them, but also educate them, train them on, like, market research as a service is a tool that we use in the GSA space. So how do they react to these? And when they respond make sure we have industry days, reverse industry days for them too so they can show off their abilities to civilian agencies.
Tom Temin: And just to reiterate, do you think they could be on the schedule in about a month?
Sam Navaro: Yes, we already have four or five on board. And they are already looking to compete for solicitations. And we’re slowly but surely accelerating to get the last batch that’s not integrated.
Tom Temin: And just a matter of acquisition, does this allow DIU to use regular acquisition to buy from them if they want to scale them to production?
Sam Navaro: Yes, DIU and other entities within the DoD, we kind of heard the same theme within research and engineering, and other areas, such as software factory solution, where the DoD needs to evolve. Once they discover that a use case works, how do they apply it across the force? And so we work hard to make sure they have that availability.
Tom Temin 5:52
To the right. And the other thing they’re looking for is, I guess, for lack of a better word, a legal way to be able to buy on a large scale under the FAR from people they’ve bought, and not on a large scale under the OTA authority.
Sam Navaro: Yes, “fair opportunity” means fair opportunity. Everyone bites into the apple with such precision, making sure to follow the rules.
Tom Temin: And a bit more down to earth: you have worked on supply chain security and supply chain assurance issues through ACT-IAC.
Sam Navaro: Yes, ACT-IAC conducted an investigation. And with a lot of the challenges we see in the supply chain, 75% of vendors in the industry have had some kind of impact due to supply chain challenges. One in five struggles to keep doors open. So the question is, how do we work with industry to create best business practices, which allow us to break down barriers, but also keep cyber supply chain risk management principles in place?
Tom Temin: And the result of this will be some sort of playbook?
Sam Navaro: Yes. First of all, we are doing a shark tank this June 6, where we are bringing in people with good ideas. And we want to hear what they have to say and vote on which ones are best for government use.
Tom Temin: And who votes?
Sam Navaro: We have sharks from across government and academia. So right now we have Allen Hill, who is the senior management sponsor, and we’re cycling in other sharks for June 6th. And so by the end, we will have winners to announce to the general public.
Tom Temin: And the playbook comes out by the end of the fiscal year, roughly?
Sam Navaro: Yeah, we’re breaking up – well, in the end, what’s the challenge? The challenge is that there is a lot of content for cybersecurity practitioners, not a lot of content for acquisition personnel. So the goal is, by the end of the fiscal year, to publish a handbook where we can talk about software nomenclature, quality assurance plans, terms and conditions that acquisition staff might place in the solicitations. Relies on industry predictability of what it will look for in C-SCRM solicitations [cybersecurity supply chain risk management] government needs.
Tom Temin: Yeah, Software Bill of Materials (SBOM), I think that’s a particularly tough case, because the term only entered popular parlance about a year ago, perhaps with the Presidential Executive Order, a little over a year. I think a lot of people are trying to figure out what an SBOM is, what form it takes, and then how you use it to evaluate a vendor or evaluate the product you’re getting. And I think a lot of CORs probably aren’t really aware of SBOMs either.
Sam Navaro: Correct, and it has a valuable role to play in pre-solicitation, identifying what licenses you need and what types of software you need, but even in post, right, identifying what intellectual property belongs to the government , in terms of software, and this new AI world that we live in, and what intellectual property still remains with the industrial partner. So we’re looking to flesh that out and see how it works for government and industry in the playbook.
Tom Temin: And one last question: you mentioned software licenses. There have been recent questions, particularly in academia, about the need to ensure that your software license and contract language for AI in particular has the right elements that you need due to the requirements particulars of the AI and who has rights to the training data and all of that. Are you aware of this? And is it something you are working on?
Sam Navaro: At that point, everything is on the table. We are fully aware of the different challenges. I think right now it’s definitely from the perspective of C-SCRM focusing on security and understanding that acquisition personnel are now part of the team. It is no longer just a field for cybersecurity practitioners. Everyone is on deck, including the acquisition staff, so as Dave Lattimore said, cybersecurity is no longer the job of the CISO. It’s all of our jobs, including acquisition staff. And we’re focusing precisely on those aspects is how can we increase security so that those things don’t come out of the box with vulnerabilities that we have to deal with later.