wfedstaff | April 17, 2015 6:57 pm
“Inside the Reporter’s Notebook” is a biweekly dispatch of news and information you may have missed or that slipped through the cracks at conferences, hearings and the like.
This is not a column nor commentary — it’s news tidbits, strongly sourced buzz, and other items of interest that have happened or are happening in the federal IT and acquisition communities.
As always, I encourage you to submit ideas, suggestions and, of course, news to me at email@example.com.
Insight by GitLab: During this webinar executives from the State Department, U.S. Securities and Exchange Commission, U.S. Patent and Trademark Office and GitLab will discuss how institutionalizing a DevSecOps approach to software development is a journey that must bring together the technology and business sides to change an organization’s culture.
President of FedBizOpps contractor pleads guilty to hacking
The president and chief technology officer of the government contractor who runs FedBizOpps.gov and two other governmentwide acquisition websites pleaded guilty to criminal hacking charges Wednesday.
Ariel Friedler, president and CEO of Symplicity Corporation, pleaded guilty in federal court May 21 to conspiring to hack into the computer systems of two education sector competitors to improve his company’s software development and sales strategy, according to a Justice Department release. Alok Dhir, CTO of Symplicity, also is charged in the crime. He is expected to enter his plea in court in early June.
The Justice Department said maximum penalty for Friedler is five years in prison, $250,000 fine, full restitution and three years of supervised release for violating the federal Computer Fraud and Abuse Act (CFAA). He will be sentenced on Aug. 1 in the Eastern District Court of Virginia.
Under the plea deal, Friedler agreed to pay Maxient $217,097.60.
Emails to Friedler and Friedler’s attorney David O’Brien, of Crowell- Moring, seeking comment were not immediately returned.
Symplicity spokeswoman Victoria Chapa said the company “has not been — and will not be — charged in this matter and the company will continue to provide its millions of users with secure, reliable platforms for effective information management without interruption. It is also important to note that this incident related exclusively to Symplicity’s business in higher education.”
Chapa added none of Symplicity’s work with the federal government or any related systems were implicated in the case, and those aspects of Symplicity’s business remain completely separate from this matter.
Symplicity also announced Bill Gerety is its new CEO, and Samuel Ramer will be its new general counsel.
Chapa said Friedler and Dhir have resigned from Symplicity, effective immediately.
PandoDaily first reported the Justice Department’s conviction.
“We hope that the court recognizes the tremendous damage done here,” said Aaron Hark, co-founder of Maxient, a software company providing student conduct applications to the education sector. “It was nice to finally see after multiple years in our industry of him denying this and claiming this was a one-sided allegation and attempt to make corporate gain that in fact, it was his attempt to make corporate gain. It was nice to see that come to light. This is something the federal government needs to take notice of.”
The FBI began investigating Symplicity in 2009 and issued a warrant at the company’s offices in March 2012 after witnesses came forward alleging Friedler hacked into the computer networks of Maxient and Pave Systems, another education software company.
“This was a sad but inevitable outcome after an FBI investigation that lasted for more than two years. Mr. Friedler’s actions and those of his associates were illegal and plain wrong,” said Ghassan Nino, president and CEO of Pave Systems Inc. “I hope this sad situation does not sour the higher education community on the market. This market is full of good companies that follow the rule of law and stand for integrity, leadership and innovation.”
While Symplicity says this is separate from its government business, there is potential that GSA or another agency could suspend or even consider debarment proceedings.
Under the Federal Acquisition Regulations, an agency could suspend a contractor for the “commission of any other offense indicating a lack of business integrity or business honesty that seriously and directly affects the present responsibility of a government contractor or subcontractor.”
In addition to FedBizOpps.gov, Symplicity also runs the electronic subcontracting reporting system and the Catalog of Federal Domestic Assistance. It also recently won a contract from the State Department to provide constituent relationship management system in the cloud.
3 takeaways from not your usual MOC
If you didn’t make it down to scenic Cambridge, Maryland, last week for ACT-IAC’s annual Management of Change conference, you missed a new approach to conferences. Instead of the standard panel discussion format, ACT-IAC tried something a bit more novel.
In some rooms, presenters and audience members sat around tables to exchange ideas based on a specific topic and the presented to the group. Or in other cases, panelists were on a stage for less than 10 minutes and then joined the audience for a discussion led by a moderator-including our own Francis Rose, who along with other media members caused quite a bit of a stir when the discussion shifted to how the government needs to do a better job talking about success stories, and how too often agency press offices get in the way of celebrating all that is good and right with government.
Here are a couple of key takeaways from MOC:
FITARA’s chances in the Senate? TBD
As the Federal Information Technology Acquisition Reform Act (FITARA) gets a second go around in the House’s version of the Defense Authorization bill, the bigger question is whether the Senate is ready to play ball.
If you remember last year, the House included FITARA as part of the 2014 NDAA it passed, but the Senate Armed Services Committee worked with lower chamber lawmakers and decided not to move forward with that section of the bill.
Reps. Darrell Issa (R-Calif.) and Gerry Connolly (D-Va.) introduced an updated version of FITARA in February. Issa and Connolly offered the bill as an amendment to the NDAA on May 20 and it was passed along with a block of provisions.
As the bill now goes back to the Senate, all eyes point to Sens. Tom Carper (D-Del.) and Tom Coburn (R-Okla.), chairman and ranking member of the Homeland Security and Governmental Affairs Committee.
If Carper and Coburn find enough they like about the bill and the administration decides not to make too much of a stink about it, then there’s a pretty good chance of FITARA becoming law as part of the NDAA.
As of now, that doesn’t seem likely-at least for FITARA as the House passed it.
At the recent committee hearing on IT acquisition, both Carper and Coburn asked witnesses about FITARA and IT reforms.
“While we appreciate their hard work on the legislation and share many of their same goals, based on these charts it’s not clear how many of these success factors could be encapsulated in legislation,” Carper said referring to a chart showing nine success factors for federal IT programs.
Federal CIO Steven VanRoekel said many of the best practices are about comprehensive management and it’s hard to legislate those actions.
“A starting point if you look at a proposed bill like FITARA, I think there is a disconnect between appropriators and authorizers. There is a money aspect here as much as there is an authorization aspect, and thinking about that duality in the work that is being done,” he said. “I think we have an opportunity in incentives and thinking about what outcomes we want to see. I also fear a lot of what we see in legislation that looks at technology is technology is moving so quickly. If we were sitting here 15 years ago, the notion of doing agile approaches or even Internet approaches in government weren’t as self-apparent as they are today. So looking at how do we think about what outcomes we are trying to drive versus what are the tactical ways we will get there is essential because we are moving so far. We are moving so fast. We are moving fast enough that our procurement system can’t keep up with it and we need to think about modern approaches to get there.”
To translate for VanRoekel, the White House still doesn’t see the need for FITARA.
Dan Tangherlini, GSA administrator, toed the party line by saying he didn’t think legislation is the answer for ensuring senior leadership attention to IT projects.
“You can require it, but it won’t necessarily result in it,” he said. “What we need to do is continue to work as we have been closely with Steve to bring these best practices into our agencies and we need to make sure there is transparency and as a result accountability through strong oversight from Congress, seeing how we are performing and getting the work we say we will get done, done.”
But isn’t that the point of the legislation? If the law is updated to reflect changes in the importance and need for oversight of IT, Congress will pay attention, ask for reports, write letters of concern and hold hearings-which is exactly what Tangherlini just said was needed.
The Government Accountability Office’s David Powner seemed to agree that changing the law to require more oversight and attention would be good. He said legislation is important in two areas: data center consolidation and IT dashboard reporting. Both of these would hold agencies more accountable for their reporting of data and progress.
Again even GAO’s focus is not about management responsibilities, but changes to how agencies manage IT and how Congress expects oversight to be exacted.
Coburn countered VanRoekel and Tangherlini’s arguments by saying one of the points of the new law called the DATA Act is so agencies can get the information to better manage their projects. Coburn said they don’t have it currently.
“I really appreciate Steve what you are doing, implementing a management capability. That’s been the real problem. It’s not that we don’t have great employees,” he said. “It’s that we have a skill set that hadn’t been up to the task. So what you are doing is very important in that regard.”
The committee passed on May 6 one piece of FITARA, the Federal Data Center Consolidation Act.
Carper said he may try to get it pushed through the full Senate and have it passed under unanimous consent.
IT Job of the Week
A best of both worlds situation for an aspiring intel techie. The Defense Department’s Defense Security Service seeks a senior adviser for IT and CIO. This looks to be an in-the-weeds senior IT job that requires the candidate to be able to establish short and long term IT visions including an architectural roadmap, while also maintaining the enterprise security system and all applications supporting the National Industrial Security Program, Counterintelligence, Center for Development of Security Excellence and headquarters elements. A top secret security clearance is required. Applications are due June 6.