Contractors Archives

NASA’s SpaceX Falcon 9 launch on May 30, 2020, drew a significant amount of attention. With roughly 10.3 million people streaming the coverage at peak viewership, the event has become NASA’s most-viewed online event.

While astronauts Bob Behnken and Doug Hurley prepared for their journey inside the SpaceX Crew Dragon capsule to the International Space Station, all eyes were on their futuristic apparel. Here, we’re exploring the inspiration, design development and engineering behind the new spacesuits worn by the Dragon crew during the recent launch.

"The appearance of U.S. Department of Defense (DoD) visual information does not imply or constitute DoD endorsement."

A new mission symbol

“This [SpaceX] suit is significantly different than the suit we wore on shuttle,” Hurley said during a prelaunch press conference. While participating in earlier NASA space shuttle flights, he previously wore what’s been called the “pumpkin suit” due to its bulky, bright orange appearance.

Behnken noted that SpaceX’s idea was to “reach back and [bring forth] a retro styling or a different way of creating their own unique kind of mission symbol [rather than] copy what was done on the space shuttle side.”

Comparing the pumpkin suit to the sleek new design, Behnken added, “Both of [the suits] have succeeded, I think, in terms of becoming iconic [and] symbolizing the mission in front of us, and the excitement associated with what we’re going to accomplish.”

Superhero suits for space

The iconic new suits were dreamt up by Hollywood costume designer Jose Fernandez, who has designed superhero costumes for films including “The Avengers,” “The Fantastic Four,” “Batman v Superman” and “X-Men II.”

According to an article in The New York Times, “Elon Musk’s SpaceX Suit Is Like a Tuxedo for the Starship Enterprise,” SpaceX founder Musk approached Fernandez and other designers rather than the usual military uniform contractors. Together they fine-tuned the design and then had experts reverse-engineer it to work for the spaceflight setting.

The shape and style of the articulated, structured suits were partly inspired by the tuxedo, a garment that makes its wearer look instantly better by offering padded shoulders and tapered seams that visually sculpt a more muscular-looking torso.

Additionally, the suits recall the futuristic fashions of the 1960s, when, inspired by the sleek Space Age aesthetic, couture designers dressed models in ultra-cool ensembles featuring clean lines, minimalist detailing and lots of white and silver.

Wearable tech in orbit

Even though the spacesuit creators reached back into the canon of visual culture and design history to determine its appearance, the cutting-edge technology and engineering the design represents — as well as the new era of privatized space travel — are incredibly forward-looking.

While they are not intended for lunar walks, NASA explained that the custom-made suits were “designed to be functional, lightweight, and to offer protection from potential depressurization. A single connection point on the suit’s thigh attaches life support systems, including air and power connections.” The custom 3D-printed helmets include similar integrated technologies and microphones.

Scientific American has reported that this new “public-private partnership business model” has saved NASA up to $30 billion on directing contractors to develop new spacecraft and related technologies. The arrangement also allows aesthetics to take center stage.

“As long as space travel was being subsidized by governments, there was no need to make the suits attractive, as the astronauts’ safety was the sole concern,” sci-fi scholar Gary Westfahl told The New York Times. “Yet, if space travel is going to become an activity of private companies seeking profits, they have a natural interest in making their astronauts seem attractive.”

The spacesuits represent a novel hybrid of past and present, fashion and function — and they demonstrate all the best in wearable technology. As Cathleen Lewis, curator of spacesuits at the Smithsonian Institution’s National Air and Space Museum, said in The New York Times, “It’s smart branding because it signals we are starting a new age.”

Government contracting roles, such as contract officer and contract specialist, can be challenging and rewarding careers. However, students and emerging professionals may not be familiar with the primary responsibilities, job requirements or internship opportunities related to this field. Read on to learn how to prepare for and find work as a contracting professional.

What do contract officers and specialists do?

The Federal Acquisition Institute (FAI) defines the contract officer (CO) as "a person who can bind the Federal Government of the United States to a contract. Contracting Officers hold a warrant that allows them to negotiate on behalf of the United States Government. As the Government's agent, only COs may execute, modify, or terminate a contract."

Many aspiring contract officers will start out as contract specialists, where they serve in a support role and directly report to contract officers. Both are civilian roles within the federal government's acquisitions workforce, which is responsible for procuring and selling goods and services on behalf of government agencies. These goods and services may include everything from new information systems, aircraft and military vehicles to cutting-edge research, uniforms and office supplies.

The FAI explains that contract officers are responsible for selecting vendors and overseeing that contractual agreements are legally compliant, appropriately funded, fair and impartial. It is also a CO's job to ensure that contracts are providing maximum value and that taxpayers' money is being responsibly spent.

While the role largely involves contract negotiation and administration, contracting professionals also have the chance to meet with vendors, view and assess the types of products and services under consideration, and gain hands-on experience related to the agencies and programs they are working to support. As a result, some travel may be involved. The FAI explains that contracting professionals are needed throughout the U.S. and overseas, where they are employed by essentially all government agencies and programs, including the branches of the armed forces.

Contracting careers can be professionally rewarding and well-compensated. According to Glassdoor, COs typically make between $57,000 and $128,000 per year, with average earnings of roughly $90,000.

How can someone become a contract officer or specialist?

Students who wish to apply for internship opportunities in contracting can learn more about available internships through the FIA website. Opportunities include government-wide internships like Pathways Program as well as agency-specific programs such as the Department of Homeland Security's Acquisition Professional Career Program (APCP) or the Department of the Navy's Naval Acquisition Development Program (NADP).

Full-time contract officer and specialist positions are advertised through the federal government's career portal, USAjobs.gov. Anyone interested in searching for and applying to these roles will likely need to go through this portal.

According to the FIA, a prospective contracting professional should hold a bachelor's degree. An advanced degree may also be desirable or required for certain positions. The CO role is classified as an 1102 position in the Contracting Series by the U.S. Office of Personnel Management, so prospective candidates should review the specific qualifications.

Applicants interested in a contracting career should generally possess some educational or professional experience in the following subjects:

Contracts.
Law.
Business.
Accounting.
Finance.
Economics.
Quantitative reasoning.
Supply chain management.
Industrial distribution.
Marketing.
Market research.
Communications.

To be successful in a contracting career, one should possess strong communication skills, analytical abilities, and a penchant for problem-solving which will be important in cost analysis, contract negotiation and other administrative duties. COs typically operate in team environments, so collaboration is key as well. Professionals in the contract specialist and contract officer positions are constantly learning and participating in agency-specific training programs.

On March 13, 2020, President Trump issued a national emergency declaration in response to the coronavirus outbreak. Since then, the efforts of state and federal agencies to keep the COVID-19 pandemic contained have had a range of impacts on contractors.

While navigating the ever-changing situation may prove challenging for many businesses, exploring some proven and potential results may help illuminate the path forward for those in government contracting.

Clarifying "essential business" status

National Defense advised contractors to be aware that they might not be considered essential simply because they are working to fulfill a federal contract. The outlet noted that state-mandated lockdowns may conflict with contractual obligations when both federal and state classifications remain relatively open to interpretation.

If they have not done so already, businesses should look for the Defense Federal Acquisition (DFA) Regulation Supplement Clause (252.237-7023) in their contracts. This clause states that businesses performing "mission-essential functions" can continue work — but it is essential to do so with all safety precautions taken.

Documenting excusable delays

Just because a national emergency has been declared, contractors are not automatically granted an excusable delay. Instead, any delay excuses must be well-documented and proven.

There is a Federal Acquisition Regulation force majeure clause stating that "the contractor shall not be in default because of any failure to perform this contract under its terms if the failure arises from causes beyond the control and without the fault or negligence of the contractor." Specifically, cited examples include "epidemics" and "quarantine restrictions."

However, contractors must identify precisely how these factors beyond their control impact contractually agreed upon delivery schedules. Once this is possible, it may be advisable to wait before settling on a new timeline, which may be difficult to identify given the continuing coronavirus-related uncertainty.

Accommodating DPA implications

The Defense Production Act (DPA) allows the president to bypass typical contract procurement procedures in an effort to obtain or initiate the manufacture of critical products and technologies. While it is unclear to what extent this authorization will be utilized, there may be some implications for contractors with manufacturing resources.

For instance, in March 2020, President Trump "require[d] General Motors Company to accept, perform and prioritize contracts or orders for the number of ventilators that the Secretary [of Health and Human Services] determines to be appropriate."

Writing for Lawfare, Harvard Law students Masha Simonova and Nathaniel Sobel explained that "the government could use this authority in the current pandemic to grant relief in the form of loans or loan guarantees to contractors who are facing lost profits or hardships as a result of complying with DPA orders."

Securing additional relief

In addition to possible DPA-related financial relief, contractors can turn to the FAR Changes Clause (52.243-1 through 52.243-4). If new direction from a contracting officer (CO) will hinder a vendor from completing their contracted services, the law firm Pillsbury has suggested "that the contractor make a timely request to its CO for a schedule extension."

Furthermore, Pillsbury has advised "separately account[ing] for the cost growth they experience as a result of the CO direction, in case they cannot reach an informal resolution and need to submit a claim for financial relief."

Essentially, it is critical for impacted government contractors to prioritize immediate and open communication with contracting officers and other stakeholders while maintaining detailed records of coronavirus-related impacts on contractual obligations. While attention and vigilance may not resolve the situation immediately, given the ever-changing nature of the ongoing pandemic, these actions can help contractors understand where they stand and may lead to securing much-needed financial assistance or schedule relief.

Military service members, firefighters and power industry workers regularly go into the line of duty outfitted in flame-resistant or fire-resistant (FR) clothing. Contractors have embraced innovative textiles to keep uniforms — and the people who wear them — safe. Here is a look at the occupational hazards that necessitate FR clothing and what FR uniforms must do.

Occupational risks

The mission of a firefighter necessitates clothing that can hold up to intense heat and raging flames. FR turnout gear and station wear must reliably offer high levels of thermal protection. But first responders are not the only brave professionals who require carefully engineered protective apparel.

Whether handling ammunition or withstanding enemy fire, the nation's military service members are constantly in harm's way. They need uniforms that enable them to do the work that must be done, without compromising their health and safety.

But, according to FR uniform manufacturer DRIFIRE, unsuitable textiles had been putting service members at risk. In 2007, two Marines were killed during a roadside bombing incident when their undergarments melted onto their skin. These garments were polyester — a plastic material which ignites, melts and drips when exposed to heat. Even when a uniform's outer layers are fire-resistant, improper base layers can still pose serious hazards. DRIFIRE notes that the U.S. Marines approached their company for a safer solution following this incident.

In the electric power industry, FR apparel is just as essential. According to the Occupational Health and Safety Administration (OSHA), the heat of an electric arc can exceed the surface temperature of the sun. Even a split-second blast can cause severe or fatal injuries. Combustible dust, flash fires and other unforeseen accidents mean that workers should be properly dressed at all times.

The role of fire-resistant clothing

Working hand-in-hand with OSHA, the Department of Defense and the National Fire Protection Association, the protective apparel industry has made significant strides since the early 2000s.

Workers facing heat, fire and electrical hazards are now required to wear FR clothing from head to toe, and from their undergarments to their outermost jackets. When layered properly, FR apparel provides a higher level of protection that is greater than what's offered by each individual piece.

For anyone serving in the armed forces, on an emergency response team or in the power industry, specialty clothing made from FR textiles is one important component of the personal protective equipment (PPE) that is worn.

For the greatest protection and comfort in the line of duty, fire-resistant uniforms should be:

Inherently flame-resistant, meaning that the FR properties will not wash away or wear out. Rather than being finished with an FR treatment, the fibers and weave structure must offer the flame resistance themselves.
Self-extinguishing to prevent the spread of fire, reduce the risk of burns and give workers time to return to safety.
No-melt and no-drip to avoid bonding to the skin and causing severe burns.
Low-smoking and non-toxic to prevent smoke-related injuries as the garment self-extinguishes.
Slightly loose-fitting (but not excessively baggy) to create an insulating layer of air between each piece of clothing and the skin that helps resist the heat.
Comprehensive with different pieces that are worn together, from the undergarments, middle layers and outerwear to headgear, additional uniform components and weather-related accessories.
Moisture-wicking and fast-drying to help regulate body temperatures and keep workers as comfortable as possible in hot, stressful and physically demanding situations.
Antimicrobial to prevent the growth of bacteria inside the uniform.
Compliant with industry requirements.

Fibers that are prone to melting and dripping such as polyester, rayon, nylon and acetate are generally not utilized for FR clothing. Although natural fibers like cotton and wool will burn to ash rather than melt, they aren't entirely suitable either as they are not self-extinguishing.

Instead, companies in the protective apparel industry have developed and patented specialty textiles. These consist of a blend of unique fibers and innovative weave structures that meet the many demands of the field and keep service members and industry workers who wear FR clothing safe.

A draft memorandum of a White House artificial intelligence report was released earlier this year, offering guidance to federal agencies on how to regulate the use of AI.

American leadership and AI technologies

Released by the Office of Management and Budget (OMB), the draft memo was developed to comply with the 2019 Executive Order on Maintaining American Leadership in Artificial Intelligence.

This order states that the U.S. “must drive technological breakthroughs in AI” across the public and private sectors “in order to promote scientific discovery, economic competitiveness, and national security.”

It also asserts that the U.S. “must drive [the] development of appropriate technical standards and reduce barriers to the safe testing and deployment of AI technologies.”

As such, the OMB’s 2020 draft memo indicates that White House officials strive to prevent AI over-regulation, encourage its adoption and support American leadership in the field.

Stewardship of artificial intelligence

The draft memorandum covers 10 “Principles for the Stewardship of AI Applications.” Agencies are asked to consider the following points when reaching regulatory and non-regulatory decisions about the development and implementation of AI technologies outside of the federal government:

1. Public Trust in AI: Despite the possible risks associated with AI adoption, artificial intelligence is expected to have positive impacts on social and economic life. As such, federal agencies should further “reliable, robust and trustworthy” uses of AI to help encourage public validation and trust.

2. Public Participation: Agencies are encouraged to provide ample public information and invite citizens to contribute to and participate in the rulemaking process.

3. Scientific Integrity and Information Quality: The draft memo asks that agencies “leverage scientific and technical information and processes” that are held to “a high standard of quality, transparency, and compliance” when formulating regulatory and non-regulatory approaches.

4. Risk Assessment and Management: Before making decisions on AI regulation, agencies should apply risk assessment and risk management best practices and maintain transparency about any findings. This approach is intended to “avoid hazard-based and unnecessarily precautionary approaches to regulation that could unjustifiably inhibit innovation.”

5. Benefits and Costs: Agencies are urged to assess “the full societal costs, benefits and distributional effects” associated with AI-related measures. This involves considering the impact on systems and processes AI tools are intended to replace.

6. Flexibility: The draft memo notes that “rigid, design-based regulations” around AI-related technical specifications will be unsuitable, and may cause American companies to fall behind other global leaders. Instead, it advises agencies to undertake “performance-based and flexible approaches” that can be easily adapted to evolving AI technologies.

7. Fairness and Non-Discrimination: Agencies should be mindful that, while AI has the potential to minimize discrimination and bias caused by human activities, it can also have the opposite effect. As such, agencies must consider non-discrimination and fairness as related to the results and effects of AI applications.

8. Disclosure and Transparency: The draft memorandum advises that disclosure and transparency around AI technologies and the rulemaking process can increase public trust, encouraging agencies to uphold these practices.

9. Safety and Security: Agencies are asked to promote AI applications that are “safe, secure and operate as intended.” They should carefully consider data security measures and integrity when addressing AI applications.

10. Interagency Coordination: Finally, the document calls upon agencies to work hand-in-hand to promote AI policy consistency and collaboratively reach decisions that “advance American innovation and growth in AI, while appropriately protecting privacy, civil liberties, and American values.”

This draft memo of the White House artificial intelligence report suggests a focus on innovation and public validation, and a desire to prevent burdensome regulatory and non-regulatory measures that may stunt growth in this rapidly evolving field.

Within the federal contracting landscape, the grass looks greener inside the fences this year. Here are some of the top trends and predictions that government contractors should be aware of in 2020.

The upward trend in federal contract spending continues

According to Bloomberg, federal contract spending experienced steady growth from 2014-2018.

Data from the government's Spending Explorer site confirms this trend. In FY 2017, Department of Defense (DOD) spending comprised 50.4% of all federal spending on contractual services and supplies, or $399 billion. This grew in FY 2018 to 53% ($442.2 billion) and again in FY 2019 to 55.7% ($484.5 billion).

Bloomberg has estimated that FY 2020 will see between $583 billion and $630 billion in federal contracts. This uptick implies new opportunities for federal contractors, especially those situated to serve the DOD, at the start of the new decade.

Major DOD contracts focus on enterprise-level IT solutions

Federal News Network estimates that there will be 3,000 defense contract opportunities in 2020, the largest of which relate to IT solutions:

The DOD has already issued a request for information relating to an estimated $10 billion contract for commercial-off-the-shelf IT hardware for the U.S. Army.
The Defense Information Systems Agency (DISA) has issued an RFP for wide area network capability, worth up to $1 billion.

Others up for recompete include:

The Navy's $1 billion Multifunctional Information Distribution System (MIDS) Joint Tactical Radio System contract.
DISA's Pacific $2.4 billion contract for telecommunications infrastructure transmissions.
The Army's $500 million contract for logistics and engineering support for the information management system, Medical Communications for Combat Casualty Care (MC4).

In general, the emphasis will be on IT modernization, data analytics, cloud computing and enhanced cybersecurity. Although these massive IT contracts are likely to be awarded to enterprise-level organizations, niche providers and small businesses will have opportunities of their own.

Small business gain market share through teaming and set-asides

In 2020, contractor team arrangements (CTAs) — are expected to grow in popularity among contractors of all sizes — but particularly among small businesses. By combining resources and bidding together, they are better situated to take on significant contracts. The ongoing federal push toward securing Best-in-Class (BIC) solutions suggests a teaming uptick this year.

As MeriTalk explains, "Teaming helps contractors gain access to work, minimize risk, increase knowledge and offer a more competitive price point. Small businesses view teaming as the most effective way to thrive in the competitive federal market. "

Smaller companies will also continue to compete for the government's small business set-aside contracts in 2020. The HUBZone program has made allocating more contract dollars to businesses operating in underutilized areas a priority, with the goal of awarding at least 3% to HUBZone-certified contractors.

Spending priorities across the rest of the decade remain uncertain

While recent years exhibited clear federal priorities — particularly the significant boost in defense spending — the November 2020 election makes it impossible to confidently predict what's ahead in the coming years. As a safeguard, federal contractors should situate themselves to win and hold onto the opportunities 2020 presents.

After all, as the Baltimore Business Journal advises, "contractors can't predict every change in the political weather, [but] they can still carry an umbrella."

The 35-day partial government shutdown that ushered in 2019 had a massive impact on the country and population. Hundreds of thousands of federal workers were furloughed during that time and went unpaid, but have since been compensated.

Federal contractors, on the other hand, have not seen back pay from that stretch in which they lost shifts and income. Security guards and maintenance staff for government sites who work on a contract basis, among others, have not been included in previous back pay agreements.

That changed when the House approved a bill that would provide restitution for federal contractors who were affected by the shutdown. However, while the measure passed the House, it still faces an uncertain future in the Senate and a skeptical White House.

Back pay part of larger agreement

In late June 2019, the House cleared a minibus spending package that appropriated funds for departments like Justice, Commerce, and Veterans Affairs, as well as other agencies and projects. Included in that proposal was a provision that would institute a mechanism for contractor back pay.

The Fair Compensation for Low-Wage Contractor Employees Act of 2019 was introduced by Rep. Ayanna Pressley (D-MA), but did not progress as legislation. Instead, it was incorporated into the minibus spending package, and would instruct departments affected by the 35-day shutdown to adjust the price of contracts or restore pay for contractors who were laid off or furloughed.

"I'm thrilled the House has passed legislation that would finally provide federal contract workers the back pay," said Pressley, according to The Hill. "Our government relies on these hardworking men and women to keep our government buildings running, and we have a moral obligation to make them whole for the pay they lost during the government shut down."

Uncertainty and outright opposition from Senate and White House

While the House's approval was a major step forward for federal contractor back pay, it will take much more to make the compensation a reality. The minibus spending agreement passed largely along party lines by a vote of 227-194, with conservatives largely against the provision. The reasons for opposing it included worries that it increases federal spending, rewards already profitable contracting companies, and would be difficult to implement and ensure payout went to contractors.

With Republicans controlling the Senate, the minibus bill containing the back pay provision faces daunting prospects for approval. And if it somehow does make it through the upper chamber, it still faces the threat of veto from the White House.

"While contractors play an important role in helping government agencies meet their missions, this legislation ignores important principles of federal contracting, and would lead to increased cost and a significant increase in the risk of fraud, waste, and improper payment," The Office of Management and Budget wrote in a policy document. "The administration anticipates significant, disruptive, and costly challenges in trying to force-fit the requirements of contractor back-pay legislation into an acquisition system that is not designed or equipped to manage contractor employees, making it difficult, if not impossible, to meet the dual goals of paying quickly and paying accurately."

The government shutdown that began on Dec. 22 has continued on into the new year, amid threats that it could last for months. The length of the shutdown has broken the previous record of 21 days, which was set during the government shutdown that extended from Dec. 5, 1995 to Jan. 6, 1996.

Much attention has been paid to the impact that the shutdown has had on government workers, as hundreds of thousand of federal employees have been furloughed or are working without pay. Yet the shutdown is impacting the livelihood of more than just those directly employed by the federal government, as many government contractors are now also feeling the pinch.

A range of responses from contractor community

How deeply a government contractor is impacted by the shutdown depends largely on the nature of their work.

"The government shutdown has certainly created anxiety throughout the contractor community, but the impact is very different for each contractor depending on which government clients the contractor serves," said Mark Colturi, executive vice president of Sevatec, an advanced technology company that has partnered with the government on border security and data protection.

"For some government contractors, including Sevatec, contracts are operating close to normal," Colturi said in an interview with Clearance Jobs. "In other circumstances, government contractors have been issued stop-work orders, which can be very difficult on employees who may have to take vacation time or leave without pay."

Whether a government contractor continues working throughout the shutdown is largely determined by whether or not their contract is deemed critical. Companies that have hundreds of individual government contracts, both of the essential and inessential variety, typically have some of their workforce operating at full capacity, and other employees working at diminished capacity.

Defense industry expressing concerns

Defense firms are among the government contractors most worried about the effect that this indefinite pause in business could have on the continuation of business as usual.

While the Defense Department has been funded for fiscal year 2019, allowing work on the military's weapons programs to continue uninterrupted, many defense companies hold contracts with agencies that have not received funding, according to Defense News. Among the agencies going without funding during the shutdown are NASA and the Department of Homeland Security, which includes the Coast Guard, Customs and Border Protection.

One notable example of shutdown consequences is the suspension of weapons sales and transfers to U.S. allies due to the closure of the State and Commerce Departments.

Now defense industry figures and lobbying groups such as the Aerospace Industries Association are advocating for an end to the government shutdown, and warning that its extension could have a negative impact on the balance of federal employees and contractors.

"There might be near-term collateral damage if people leave government service, but a 1-3 year factor to consider is how this shutdown and the potential for future ones accelerates reliance on federal service contractors," Byron Callan, an analyst for Capital Alpha Partners, said to Defense News.

Senators propose authorizing back pay for contractors

The Washington Post recently reported that a group of 34 Democratic United States senators released a letter urging federal agencies to work with contractors to provide back pay for low- and middle-income workers impacted by the government shutdown.

The senators argued that agencies have the authority to negotiate back pay for contracted employees, and therefore should act to ensure that the most vulnerable contracted workers are still paid during the shutdown.

Whether agencies will act to ensure that government contractors aren't going without paychecks, or if and when an agreement between Congress and the White House will eventually be reached, remain looming questions as the government shutdown lingers on.

Massive data breaches dominated the headlines in 2018. In fact, if it seemed like there were even more stories about data breaches this past year than in 2017, that's because there were.

Although none were as newsworthy as the Equifax data breach of September 2017, occurrences were still on the rise this past year, with cyberattacks increasing by 32 percent in the first three months of 2018 and by 47 percent during the April to June period. And in December alone, high profile breaches of Dunkin', Marriott and Quora were announced within the span of a few days.

Billions of people have been affected by these hacks, and it's more likely than not that you're one of them, according to USA Today.

And it's not just corporations that are putting customers' personal information and other data at risk, but also government contractors that are sometimes entrusted with even more sensitive information about federal employees.

In light of these data breaches, the U.S. government's lead contracting agency recently announced changes to the requirements for how and when contractors are to disclose data breaches.

GSA announces new requirement for contractors

In November, the General Services Administration proposed a rule which would mandate that the GSA and the agency that's being served by the government contract have access to breached contractor systems. This would also require contractors to preserve images of the affected systems for the purpose of government review.

An independent agency of the United States government, the GSA supplies products for government offices, transportation and office space for federal employees and government-wide cost-effectiveness policies and other management tasks for federal agencies. Founded in 1949, the agency employs 12,000 federal employees, and is now the United States government's leading contracting agency.

The GSA's proposed rule regarding breached contractor systems is not scheduled to be published until February, and will come with a comment period that closes in April.

New rule a direct response to past contractor data breaches

This new requirement is likely inspired by the overall rise in cyberattacks, as well as recent incidents in which contractors were the victims of hacks.

For example, according to Nextgov, there were two separate contractor breaches in 2014 that exposed the background check information of approximately 73,000 government employees collectively.

The following year, there was the much larger Office of Personnel Management breach, which exposed background checks on more than 20 million current and former federal employees, as well as their families.

A February 2018 report from cybersecurity firm BitSight concluded that 5.6 percent of aerospace and defense contractors and 8 percent of health-sector government contractors had disclosed a data breach since January 2016.

The report also found that contractor cybersecurity was generally much lower than that of federal agencies.

Under the GSA's proposed amendments to the General Services Administration Acquisition Regulation, any data breach that compromises the "confidentiality, integrity, or availability" of data or information systems owned or managed on behalf of government agencies would need to be disclosed by government contractors. The mandate will also outline the ways in which the U.S. government will use and protect any proprietary information which a contractor shares in the process of a breach investigation.

"By incorporating cyber incident reporting requirements into the GSAR, the GSAR will provide centralized guidance to ensure consistent application of cybersecurity principles across the organization. Integrating these requirements into the GSAR will also allow industry to provide public comments through the rulemaking process," said the GSA.

Government contractors – especially those working with the Department of Defense – have recently come under fire for poor data security. These organizations often hold and use sensitive data in their work, and a security breach has consequences not only for the business but the U.S. government as a whole. This statement is especially true for DoD contractors, who may have access to classified weapons plans or military strategies.

Unfortunately, per a report from BitSight Technologies, a significant number of contractors aren't nearly as secure as they need to be. When scored on the tech company's security ratings scale, federal agencies scored an average of 15 points higher than contractors. In fact, more than half of the latter businesses scored a letter grade below C in terms of protective technology. Furthermore, 20 percent of technology and defense contractors work on outdated internet browsers, and more than 8 percent of healthcare contractors have disclosed a data breach since 2016.

Something clearly needs to be done, and thankfully, the government is taking the issues seriously. In December 2015, the DoD published the Defense Federal Acquisition Regulation Supplement (DFARS) minimum security standards to guide contractors that process, transmit or store Controlled Unclassified Information (CUI). Contractors had two years (until Dec. 31, 2017) to comply. Those that haven't yet must do so immediately or risk losing their working partnership with the DoD.

It's best to dedicate DFARS compliance to an experienced security professional.

Complying with DFARS

DFARS was written to match security requirements set by the National Institute of Standards and Technology. Its extensive guidelines are available as part of a self-assessment handbook on the NIST website.

Requirements in the handbook include:

Limiting access only to authorized users (rather than every employee).
Limiting the functions that authorized users can perform.
Controlling the flow of information so only relevant individuals have access.
Separating duties so that multiple employees don't have access to the same information, thereby reducing the possibility of malevolent activity.
Limiting unsuccessful logon attempts, locking the application after a certain number of failures or after a specific amount of time has passed.
Automatically terminating user sessions after a defined condition, such as a certain period of inactivity.

Compliance options

The full DFARS handbook is much more thorough than the few examples shown here. As such, compliance can be incredibly difficult for contractors who don't know what they're doing.

Businesses do have the option of self assessing, as evidenced by the handbook, but leaving assessment to an inexperienced eye can lead to critical oversights or confusions that ultimately cost the company its contract with the DoD. It's best to dedicate DFARS compliance to an experienced security professional.

If contractors have no such employees on their staff, they can hire a third-party consultant – specifically one experienced in government compliance. Doing so can remove a lot of the headaches of evaluating and updating security, especially if the company in question has several improvements to make.

Regardless of which option they choose, contractors must make certain their processes comply as soon as possible, lest they lose the support of the government and suffer financial consequences.