GovConJudicata Weekly Debrief (4/18–22)
The week's Weekly Debrief covers DoD's winding road to enterprise cloud, CMMC, DIU opens in Chicago, intel weighing role of OSINT in light of Russia conflict, defense contractor's cyber trial could be DoJ bellwether, and GSA's busy 2022.
"The award date for the Pentagon’s latest multibillion-dollar pursuit to provide departmentwide commercial cloud services was recently delayed, pushing out the release of some capabilities to at least early-2023—or roughly 4 years after the time initial deliveries were first slated under the original Joint Enterprise Defense Infrastructure cloud contract."
"The Pentagon is assessing whether to develop cloud service offerings to help contractors meet requirements for its cyber certification program, according to the Defense Department’s deputy chief information officer. The Cybersecurity Maturity Model Certification (CMMC) program aims to strengthen the cybersecurity of the defense industrial base by holding contractors accountable for following best practices to protect their network, but can be an onerous undertaking both for the companies and their assessors. The Pentagon last November rolled out CMMC version 2.0, streamlining the security tiers of the program from five to three and resulting in some requirements changes for its first two levels."
"The Defense Innovation Unit, which helps expand the DOD's use of commercial technologies to solve national security problems, is opening what will be its fifth office in Chicago. DIU also has offices in other regions with robust tech-centered ecosystems of companies and academic institutions including Mountain View, Calif., Boston, Austin, Texas, and Washington, D.C."
"Intelligence agencies have struggled to define how open source intelligence fits into its broader work, but the wide breadth of publicly available information about the Ukraine conflict, combined with proactive disclosures of classified information, are providing some clarity about OSINT’s role."
"On April 26, trial will begin in United States ex rel. Markus v. Aerojet Rocketdyne Inc., where relator Brian Markus, Aerojet’s former senior director of cybersecurity, alleges the company violated the False Claims Act (FCA) by concealing cybersecurity problems from the government."
"The General Services Administration’s coming spring 2022 update to its federal marketplace strategy caps off one of the busiest six months for the Federal Acquisition Service in recent memory. It’s hard to remember a previous time when FAS was dealing with so many moving pieces. From the long-awaited move to the Universal Entity Identification number from the DUNS number, to the now much-maligned Polaris small business governmentwide acquisition contract (GWAC), to the unexpected challenges brought on by inflation which impacts nearly every aspect of the public and private sectors, the changes and updates have come fast and furiously since January."
. . .