The Reporter’s Notebook started off as an idea to highlight all the tidbits and news nuggets that got lost or left out of a story.
It has, I’m pleased to say, morphed into what I hope is news analysis that not only highlights stories rarely covered day-to-day, but takes on well-known topics that make my audience think or reconsider their established positions.
It’s been eight years since I launched this feature and I still surprise myself nearly every week with how stories come together, the federal and industry experts and sources that provide me immeasurable support, insights and ideas that form the notebook and, hopefully have an impact on the three “Ps” of the federal government: Policy, people and programs.
As always, I encourage you to submit ideas, suggestions, and, of course, news to me at firstname.lastname@example.org. The 2018 top 10 list featured stories about change and turbulence in the federal IT and acquisition communities. In 2019, the top stories were more diverse with a mix of IT past, present and future.
It’s a little surprising that this story was the most read of this year. It came together almost as an after-thought where the Cybersecurity and Infrastructure Security Agency (CISA)-issued use case was an interesting read. After talking to several experts, the story ended up revealing just how serious the cyber incident was for that unnamed agency. In retrospect and knowing what we do now about the SolarWinds cyber breach, it’s no surprise cybersecurity continues to drive the interest of readers.
The Defense Department’s cloud saga known as the Joint Enterprise Defense Infrastructure (JEDI) is the story that just keeps on giving. We wrote at least 17 stories about JEDI in 2020, and the epic doesn’t seem to have an end in sight. In this specific story, the IT Acquisition Advisory Council tried to convince lawmakers to do more to force DoD to rethink its approach to the single-award contract and follow the lead of the CIA. As we know, DoD leadership continues to hold on to JEDI strategy. It will be interesting if the new chief information officer coming into DoD under the administration of President-elect Joe Biden decides reconsider the JEDI program.
Nearly every agency chief information officer and many vendors love to talk about just how DevSecOps and the agile development methodology has taken over from waterfall. But when you look closer, as we did in this story, many agencies aren’t quite out of using the much-maligned waterfall development approach. This story highlighted three case studies from the Small Business Administration, the General Services Administration and the Education Department demonstrating that agile and DevSecOps are gaining ground. It’s just not as fast as many would like or contend.
DoD’s Cybersecurity Maturity Model Certification (CMMC) is probably the most talked about topic for vendors this year. The concern is about how the Pentagon will roll it out, when the third-party certifiers will be in place and which contracts will include the standards. While DoD has answered most of those questions by now, back in February Pentagon leaders were telling vendors not to spend money on CMMC quite yet — no matter what services providers told them what they can do. It’s not new for companies to try to take advantage of contractors looking to get ahead of a new program. What was interesting was DoD’s public warning of these scammers.
The interest in the CIA’s cloud contract known as C2E was always high among contractors, but the breaking news of the award seemed to resonate across the federal market. Maybe it’s because the CIA has been out in front in using cloud services when compared with most other agencies? Or maybe it’s because the C2E program often has been compared favorably to the DoD’s problematic JEDI program? Then again, it might have been the second half of the story about a contract award protest faced by CISA that drew the readers. It’s hard to say.
I wrote this story before the COVID-19 pandemic but it foreshadowed what was coming. Agencies and vendors complained for years that the Einstein intrusion detection, intrusion prevention software and the Trusted Internet Connections requirements made cloud services more cumbersome. This news highlights how the Department of Homeland Security finally was outlining a path to ease that burden and why it was such an important story in early 2020. And when the pandemic hit, DHS acted fast with a new remote working use case that brought TIC 3.0 to reality.
Of all the stories in the top 10, I was most surprised this one made it. But, I guess it goes to show you that readers appreciate the research and analysis of the IT and procurement policies in the annual defense authorization bill.
This story came from a Government Accountability Office graphic showing just how much acquisition funding was left to spend. While the graphic was a starting point, the real story evolved as DHS, the IRS and GSA began detailing new solicitations or draft requests for proposals that would make the federal fourth quarter a contracting bonanza.
This story was one of the few instances where GSA either miscalculated the reaction from industry or decided it was just the messenger of the bad news, but held little to no real authority to change the situation. All but shutting off the spigot for agency customers and 8(a) companies right as the fourth quarter of the federal fiscal year was about to start was inconceivable for many companies. The story continued to expand during the year as frustration grew among 8(a) firms and capped off a rough year for small firms working with GSA.
This was the fifth in a series of stories starting in July 2019 on the decision by the Department of Health and Human Services to shut down its assisted acquisition services. More than a year after the decision, this story continued to demonstrate the impact of what many called a horrible, vindictive decisions based on faulty logic. The follow-on story in November brought the saga to a sad conclusion where certain HHS leaders resorted to finding a scapegoat to rationale their poor decisions.