Contractors look for clues to new security proposal in appropriations bills

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Contractors always watch appropriations bills closely for glimpses of what’s coming in the next fiscal year. For fiscal 2019, according to Professional Services Council President David Berteau, that’s the Defense Department initiative known as “Deliver Uncompromised.”

“The premise of Deliver Uncompromised, and some accompanying comments that DoD has made both in testimony and in public speeches, has indicated a big shift — and probably an appropriate shift — to spending more time on the security,” Berteau said on Federal Drive with Tom Temin. “Not only the security of systems, but the security of data, the security of communications, a broad array of, I would say, more than cybersecurity even.”

Advertisement

Berteau said the Defense Security Service outlined the initiative like this: contract deliverables must be provided in a state that is uncompromised by hacking, the inappropriate sharing of data, or contamination of the data.

During a June 21 hearing of the House Armed Services Committee, Anthony Schinella, national intelligence officer for military issues at the Office of the Director of National Intelligence, framed it as the new fourth pillar of contracting. This hearing was when DoD first proposed the initiative, Berteau said.

“We must have confidence that industry is delivering capabilities, technologies and weapon systems that are uncompromised by our adversaries, secure from cradle to grave,” Schinella said. “It is no longer sufficient to only consider cost, schedule and performance when acquiring defense capabilities. We must establish security as a fourth pillar in defense acquisition and, also, create incentives for industry to embrace security, not as a cost burden, but as a major factor in their competitiveness for U.S. government business.”

Berteau said this is a new approach to incorporating security into contracts that implies the existence of trade space. Will the government pay more for more security? It also implies that the government has a way to measure security, since there are established ways of measuring cost, schedule and performance.

“How exactly are we going to measure security?” Berteau asked. “That’s the big question. And it matters to everybody, both on the government side and the contractors.”

Driving some of the intrigue is that there’s not yet a written document or official status. But there have been plenty of commentaries and communications on the topic, including the question of compliance with the existing Defense Federal Acquisition Regulation Supplement clause on cybersecurity.

“What we at PSC plan to do is we’re working on input to DoD that says ‘here’s what makes sense in terms of applying this mechanism,’ particularly on services contracts, where it’s a little harder to tell exactly what Deliver Uncompromised might mean,” Berteau said.

Meanwhile, PSC was also hoping to get additional language added to the defense appropriations bill just passed by the Senate to ensure adequate financing for background investigations. Berteau said no central fund exists for background investigations; agencies that require investigations are expected to pay out of their own appropriations.

But overall, Berteau is optimistic about the state of appropriations for fiscal 2019 as they currently stand.

“We’re in pretty good shape with respects to appropriations bills,” Berteau said. “The Senate has now passed nine of them, the House has passed six. They can start conferring on these, or the House can pass the Senate version. Not likely, we’re likely to have conferences, but we’re in a pretty good position if the legislation can be moved forward with a great deal of speed here to actually have appropriations bills enacted and to the President in advance of the fiscal year, which would be the first time we’ve done that in almost a decade.”