COVID19 presents unique and enduring challenges to business operations and mission fulfillment. While many “lessons learned” regarding best practices to confront natural disasters can be gleaned from such situations as Hurricane Katrina and 9/11, the unprecedented scope and impact of this pandemic raise troubling issues for legacy business models. In terms of “big A” acquisition policy, we believe that the current crisis will fundamentally alter existing programmatic assumptions. Identifying these trends is an important beginning in terms of what lies ahead.
Reading these “tea leaves” allow us to make impacts of recent events upon the broader framework of government IT acquisition. What can we foresee and predict?
From a macro perspective, we believe that the current unprecedented situation has the potential to fundamentally re-align the basic consensus regarding the much-touted benefits of globalization. In terms of government contractors, and IT specifically, we have been discussing the following trends and consequences.
The transition to telework and remote working will accelerate, despite stresses and deficiencies in the underlying infrastructure. The current crisis has stressed existing VPN and telework infrastructure to an unprecedented extent. The recent CARES legislation denotes literally billions of dollars to address these deficiencies. This should, if spent properly, greatly accelerate the transition to a modern, 21st century digital government, as well as accelerate such basic commercial innovation as e-signatures, digital forms and web site developments to improve government customer focus.
There will be a profound reassessment of basic supply chain structures to reinforce the defense industrial base. The current situation has highlighted in stark relief the risks of Chinese manufacturing and supply-chain dependency upon national security. This reassessment began several years ago in the context of rare earth metals, and has accelerated with pharmaceutical supplies and threat of embargoes by the Chinese for critical drugs and drug adjuncts.
We expect that, as with the movement in the 1990s to “Trusted Foundries”, that US-based manufacturing of national security-based supplies and items will be a strong government priority in the next two years. This focus has, however, had a limited track record of success. For instance, the famous Fishkill, New York based trusted foundry established by IBM with massive government subsidies was not successful in terms of on-going support costs.
We are already seeing specific government actions to tighten and “reform” the supply chain, such as the Defense Department’s cybersecurity maturity model certification (CMMC) initiative. These efforts are likely to accelerate, with concomitant regulatory burdens going forward. In terms of national security services, localizing your research and development, and production efforts primarily in continental United States (CONUS) would be something to keep in mind.
Along those same lines, expect that current “buy America” procurement preferences to be expanded and amplified. Current “buy America “preference provisions are well-established in the Federal Acquisition Regulations and I would expect that these would be increased and expanded from an acquisition perspective. In terms of business development and marketing, several IT companies (think for example the retail cybersecurity brand PCMatic) are using their “made in America” credentials a central point of their entire marketing campaign.
We also expect that current export restrictions on cyber goods and services will be tightened and expanded by the Department of Commerce. . Export licenses and government approvals will increase and become more burdensome for international sales of cyber products. The concern, of course, is that the regulatory pendulum swings too far and curtails important markets.
We believe that there will be a new push for data localization and requirements that government data be stored and utilized only upon CONUS-based platforms. This trend would likely have a potentially negative impact upon the cloud business model as a whole. Efforts to push back on the premise of this trend, i.e.- that data must be stored and utilized only in-country to be safe and secure- is sorting we should discuss.
How should you approach this challenge as an IT leader?
We suggest framing your government-facing response as being that of a solid and reliable government partner, supporting solutions to this crisis for the benefit of the American people. We suggest being very careful not to appear to be taking advantage of the crisis in your branding and government outreach efforts. Nuance is required. Having said that, reinforcing the narrative that private, commercial innovation provides rapid, proven IT solutions to these unprecedented events is an important message and is certainly the case here.
How can contractors potentially assist agencies/departments with navigating this health crises that affects not only manning and equipping, coordination and communications, but maintenance and sustainment allied to supply chain disruption, potential loss of key influencers, etc.?
OMB has released a detailed breakout, by agency, of the proposed coronavirus allocations from the first tranche of stimulus measures. The breakout specifically calls for use of the money to increase and secure telecommunications and compute capabilities for the government. It is no surprise that existing systems are stretched to the max (we have multiple press reports in this regard). Scalability is a central value proposition for cloud-based solutions, and we would be remiss by not pointing this out to our government customers.
What common sense measures can contractors take now to prepare for the future??
First and foremost- stay close to your customers. Recollect that in the event of government-imposed delays or program disruptions, there are specific remedies in the FAR that utilize such procedures as requests for equitable adjustment and the like. On March 30, DOD has issued extensive guidance on requests for equitable adjustment and utilization of existing FAR and DFAR procedures for COVID-19 claims and disputes. The CARES Act also appointed significant oversight resources- a special inspector general for pandemic spending, as well as a Congressional oversight board. These oversight groups will undoubtedly reinforce existing DCAA and DCMA scrutiny over incurred cost audits for COVID-19 work. Coordination with your legal team early on is essential.
This is an unprecedented situation that may have consequences meeting or even exceeding 9/11 in terms of economic impacts and new thinking about many issues. Agility and nimbleness will be at an absolute premium. It needs to be baked into your culture.
Richard Beutel is the founder of Cyrrus Analytics. Rich is a nationally recognized expert in IT acquisition management and cloud policy with 25 years of private sector experience and more than a decade on Capitol Hill working on procurement issues.