Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
The civilian and Defense sides of the government have taken a big step together to move the Defense Department’s innovative, nontraditional contractors to the mainstream of federal contracting. It takes the form of a deal between the Defense Innovation Unit and the General Services Administration. GSA is in the midst of moving about a dozen such companies from DIU’s prototype roster to the GSA Multiple Award Schedules Program at the ACTIAC Emerging Technology Conference in Cambridge, Maryland, GSA’s Senior Technology Adviser Sam Navarro shared details on the Federal Drive with Tom Temin.
Sam Navarro: We talked about today about enhancing digital transformation and innovation in the government space, one of the things we want to do is we want to take good ideas and scale them across government. So the Defense Innovation Unit’s been a key partner now to bring in innovative small companies and show that they have a proof of concept to add value within the Defense space. So we just inked a brand new deal to make sure that those vendors and their capabilities are available for utilization by our civilian counterparts. And so we’re excited to fast lane them on the schedule as fast as we can, so that their capabilities are available for civilians.
Tom Temin: So these are vendors that have come through DIU, perhaps on an OTA now graduating them, if you will, to regular Federal Acquisition through the schedules?
Sam Navarro: Yes. And as we know, the OTAs have their constraints. And the constraints are there for prototyping proof of concept kind of work. So when you want to scale that work to the enterprise, it’s valuable if they’re on a governmentwide solution. And that’s the value we want to bring to the table.
Tom Temin: These are companies that are not otherwise on the schedules or on any, say GWAC that you might know of. These are absolutely new to the federal market through DIU?
Sam Navarro: Yes, that is correct. And we could fastlane them. They have a sponsor, so we could get them on a lot faster. We’re looking at at least from 15, anywhere to 30 days getting them on schedule so they’re readily available for government competition.
Tom Temin: How many companies are we talking about here?
Sam Navarro: Right now we’re looking at about a dozen, which DIU is working with, but they are constantly recruiting innovative companies. And our objective is as soon as they prove value to the government, we onboard them on our site to the schedule.
Tom Temin: Well give us a couple of examples. I mean, can you name a couple of men what it is they have brought to DIU?
Sam Navarro: Yes, and precisely for not going into endorsements, I will not say specifically which companies, but we we are looking at six different focus areas. Area in particular is AI and ML. And in the area of robotics, there’s been a lot of use cases where they’ve shown innovation within the DoD space. And when we think about AI, ML and robotics we just had the CTO of DHS here today. And there’s a lot of concepts for Customs and Border Patrol or keeping the federal officers safe from different scenarios where robotics can be applied, in a comprehensive manner.
Tom Temin: Yeah. So in some ways, the mission of in that sense of the Defense Department look like the mission of DHS in terms of tactics and requirements and field work, and so on.
Sam Navarro: Precisely.
Tom Temin: When you say these companies that have a sponsor, that would be the DIU?
Sam Navarro: Yes, yes and Mr. [Michael] Brown, who’s in charge of the DIU, signed an agreement with Laura Stanton, who is the associate commissioner for ITC, and they have set the critical metrics for delivering results for the government. So they want to make sure that within six focus areas, we get vendors in the emerging technology space, that citizen-servicing agencies can leverage and benefit from as well.
Tom Temin: And how do we ensure that just coming on to the schedule doesn’t become a valley of death for them? There’s 50,000 vendors on the schedules, you’re adding 12 more into the ocean. Is there a way of, again you can’t promulgate certain companies, you’re the referee, but how will anyone know about them?
Sam Navarro: Great question. So GSA has an Office of Customer and Suppliers Engagement. And so we’re working in collaboration with them to make sure that the use cases that they’ve been able to apply within the Defense space align to the civilian space by engaging agencies. So we’re looking at making sure that we’re proactive in engaging agencies that have use cases which align to these vendors, not to endorse a particular vendor, but to let them know that we have emerging technology vendors that may be able to meet their needs, and then compete solicitations among them.
Tom Temin: And the GSA does operate conferences and training sessions for vendors from time to time and it helps them work their schedule better, so they’ll be able to participate in those?
Sam Navarro: That is correct. And we want to also not only on-ramp them, but educate them, train them on like, market research as-a-service is a tool that we utilize within the GSA space. So how do they respond to those? And when they respond, making sure we have industry days, reverse industry days for them as well so that they can show their capabilities to civilian agencies.
Tom Temin: And just to reiterate, you expect they could be on the schedule within a month or so?
Sam Navarro: Yes, we’ve already actually got about four or five already on board. And they’re already looking to compete for solicitations. And we’re slowly but surely ramping up to get the last batch that doesn’t onboard.
Tom Temin: And just an acquisition question, does that enable DIU to use regular acquisition to buy from them if they want to ramp them up to production scale?
Sam Navarro: Yes, DIU and other entities within DoD, we’ve kind of heard that same theme within Research and Engineering, and other areas, such as software factory solutioning, where DoD has a need to scale. Once they find out a use case works, how do they get it applied across the force? And so we’re working heavily to make sure that they have that availability.
Tom Temin 5:52
Right. And the other thing they’re looking for is a, I guess for lack of a better word, a legal way to be able to buy at scale under the FAR from people they bought, not at scale under the OTA authority.
Sam Navarro: Yes, “fair opportunity” means fair opportunity. Everyone gets a bite at the apple so precisely, making sure that they stay within the rules.
Tom Temin: And a little closer down to earth: You’ve been working on supply chain security, and supply chain assurance issues through ACT-IAC.
Sam Navarro: Yes, ACT-IAC conducted a survey. And with a lot of the challenges we’re seeing in the supply chain 75% of industry vendors have had some sort of impact because of supply chain challenges. One out of five face challenges with keeping the doors open from those. So the question is how do we collaborate with industry to create best business practices, which enables us to break down barriers, but also keep cyber supply chain risk management principles in place?
Tom Temin: And the output of this will be some kind of a playbook?
Sam Navarro: Yes. First and foremost, we’re doing a shark tank this June, June 6, where we’re bringing in folks who have great ideas. And we want to hear what they got to say and vote on which ones are the best for government utilization.
Tom Temin: And who votes?
Sam Navarro: We’re having sharks from across government and academia. So right now we have Allen Hill, who’s the senior executive sponsor, and we’re cycling in some other sharks for June 6. And so by the end of that, we’ll have some winners to announce to the broader public.
Tom Temin: And the playbook comes out by the end of the fiscal, roughly or so?
Sam Navarro: Yes, we’re breaking up – well, bottom line, what’s the challenge? The challenge is there’s a lot of content for cybersecurity practitioners, not a lot of content for acquisition workforce. So the objective is, by the end of the fiscal year release a playbook where we can talk about software bill of materials, quality assurance plans, terms and conditions that the acquisition workforce could place in solicitations. Builds on the predictability to industry on what they’re going to look for in solicitations when it comes to C-SCRM [cybersecurity supply chain risk management] needs for the government.
Tom Temin: Yeah the software bill of materials (SBOM), I think is a particularly difficult case, because the term only came into popular parlance a year ago or so maybe with the presidential executive order, a little more than a year. I think a lot of people are trying to get their arms around what an SBOM is, what form it takes, and then how you use it in evaluating a vendor or evaluating the product you’re getting. And I think a lot of the COR’s probably aren’t real up on SBOMs either.
Sam Navarro: Correct, and it has a valuable role to play in pre-solicitation, identifying what are the licenses you need, and what types of software you need, but even in post, right, in identifying what intellectual property belongs to the government, in terms of software, and this new AI world that we live in, and what intellectual property still remains with the industry partner. So we’re looking at fleshing that out and seeing how that works for government and industry in the playbook.
Tom Temin: And a final question: You mentioned software licensing. There have arisen lately, especially in academia, questions about the need to make sure that your software licensing and contract language for AI in particular, have the right elements you need because of particular requirements of AI and who has rights to the training data and all of this. Are you aware of that? And is that something you’re working on?
Sam Navarro: At this point in time it’s all on the table. We’re vastly aware of different challenges. I think right now, it’s definitely from a C-SCRM perspective is focusing on security and understanding that the acquisition workforce is part of the team now. It’s no longer a cybersecurity practitioner line of field only. It’s everyone and all hands on deck, including the acquisition workforce, so like Dave Lattimore said, cybersecurity is no longer the CISO’s job. It’s all of our jobs, including the acquisition workforce. And we’re focusing in precisely on those aspects is how can we increase security so that these things don’t come out of the box with vulnerabilities that we have to deal with later on.