Wednesday’s opening panel at the FITGov 2023 Summit of the Government Technology and Services Coalition in Tysons, Virginia was titled “IT Procurement Stew: Blending Innovation, Security, and Compliance.” And the panelists provided a clear recipe (sorry, actually) for the stew they believe business and government should prepare to take advantage of cutting-edge technologies.
What were the panel’s suggestions? To combine innovation, security, and compliance, communicate and work together. Failure to communicate and work together can make government officials and contractors anxious and stressed out during a procurement.
In 2022, GTSC bought the FITGov Summit and refocused the summit’s goals to provide government with the tools and knowledge required to regulate advanced technology before it regulates us.
Soraya Correa, the moderator and a board member of FITGov who departed from her position as top procurement officer at the Department of Homeland Security after 40 years in the federal government, posed an important query to start the discussion: Because we are more connected, the world is more complicated. How do we encourage flexibility and agility with cutting-edge technology while ensuring security in light of these introductions and increases in vulnerabilities?
When the topic of security came up, Correa asked how to arrange a purchasing effort to address weaknesses early on.
Jason Passaro, the deputy director of IT acquisitions for the State Department, is minimizing the use of non-enterprise systems because they pose unique security risks. Katherine Lugo, director of State’s IT Contracting Services Division, ensures that specialists communicate with one another at all times.
Polly Hall cultivates relationships with contracting activity leads across a large enterprise to ensure cross-functional collaboration. Prior to taking on her current position as senior advisor to Chief Procurement Officer Paul Courtney, Polly Hall championed ground-breaking acquisitions as executive director of the Procurement Innovation Lab at DHS.
The most recent cybersecurity regulations will be included in EVOLVE, a seven-year, $10 billion enterprise IT services contractual vehicle for the State Department, according to Passaro. The government and contractors will have the best starting point possible to work from when task orders arrive under the multiple-award IDIQ to strengthen State’s security posture and support innovation and modernization. This is crucial to utilizing technology while preventing it from utilizing us.
Hall underlined the significance of assembling teams to do earlier acquisition planning and to fully comprehend the associated need and security requirements. She advises teams to consider how to comprehend what the desired end state would look like rather than attempting to list every necessity right away. This innovation, which involves rethinking how to complete the task, incorporates risk conversations at every stage so that risk management develops together with the acquisition plan and the team communicates its understanding of risks and risk management.
Passaro illustrated how crucial this was by using a story about working with fund managers who need three meetings to agree on a word as basic as the award date. “The funding was given, for starters.
But if we have diverse definitions and understandings of something that straightforward, Passaro continued, “we know how difficult it is to get on the same page to strengthen our security posture.”
With the caveat that the team knows what that language means so it may alter language, accordingly, to set minimal acceptable risk levels, Lugo advised moving acquisition planning “to the left” and include conventional cyber jargon. She added that in the Air Force, teams received training in change management so they could apply its concepts and practices to contract and project management.
Correa questioned how the government could involve business in this discussion. Lugo suggested learning from successful forums that have facilitated discussion between business and government. Her company set up a LinkedIn page to pose industry-specific problems and get feedback. In an effort to promote organizational culture change, she also adds the myth-busting papers from the Office of Federal Procurement Policy to policy.
The vast majority of IT demands are for commercial IT goods and services, hence Hall remarked that we work hard to involve business. She meets with industry associations once a month to discuss a variety of issues, including as how they may influence reversed industry days and workforce training suggestions.
Through events and boot camps, the DHS Procurement Innovation Lab assists acquisition teams in exchanging information with other government agencies and the private sector in order to drive culture change. They are working together right now in particular to talk about how big language models will affect business and government.
At the panel’s conclusion, Correa highlighted that “it’s about the conversation.” “What do we hope to accomplish? What is the final result? What must we consider together in order to get there?
Government and business have always been able to fulfill missions and comply with contract and project management standards when they are on the same page regarding these issues. But in a future where powerful tools like huge models of language and generative AI are at our disposal, cooperation and communication are essential if government and business are to use these tools rather than be used by them.