Just like the commercial world, it’s important to periodically research what the current federal marketplace looks like and where it may be headed. Tracking federal government spending allows you know which agencies are spending the most money and what they are most interested buying. As we move through the 3rd quarter of Fiscal Year (FY) 2022, the government is gearing up for the Q4 spending spree, so it's important to take note of agencies' procurement habits and how your business can prepare.

The Department of Homeland Security's (DHS) Cyber and Infrastructure Security Agency (CISA) has issued a Shields Up Advisory amid growing geopolitical tensions surrounding Russia and Ukraine. In addition to the recent tensions, CISA and the Federal Bureau of Investigation (FBI) have observed regular targeting of U.S. cleared defense contractors (CDCs) by Russian-state sponsored cyber actors from January 2020 to February 2022.

CMMC 2.0 is here—the Department of Defense (DoD) announced the revamped version of the Cybersecurity Maturity Model Certification (CMMC) on November 4, 2021. CMMC, a cybersecurity compliance program for defense contractors, is intended to verify that contractors are taking the appropriate cybersecurity practices and measures. Contractors in the Defense Industrial Base (DIB) have been following CMMC closely as it’s slowly being phased into notices, requirements, and solicitations.

We live in the digital era and as we have seen with the pandemic, more and more aspects of life are becoming digitized. This does not exclude our federal entities, so it’s imperative that our federal government is protected from the threats that come with the digital age. As a result, GSA created a HACS (Highly Adaptive Cybersecurity Services) SIN which is dedicated to preventing leaks and cyberattacks. Before an entity can obtain a HACS SIN, they must show that they are qualified to provide thorough and extensive cybersecurity. A main part of the qualification for the HACS SIN is determined by an Assessment Evaluation and Standardization (AES) High Value Asset (HVA) assessment. Let’s dive into the HVA assessment and what it entails.

If you are a government contractor serving the Department of Defense (DoD), then you are part of an elite group of organizations that make up the Defense Industrial Base (DIB). The Cybersecurity and Infrastructure Security Agency (CISA) estimates the DIB to be made up of more than “100,000 companies and subcontractors working under contract for the Department of Defense at any given time.” As part of the DIB, you are subject to the Cybersecurity Maturity Model Certification, or better known as CMMC. CMMC is a set of cybersecurity standards created to ensure the DIB and other relevant government contractors are properly protecting sensitive unclassified information.

If you are an Information Technology (IT) firm entering into the federal government marketplace, you will be introduced to a whole new world of terms that you were previously unfamiliar with. After taking advantage of some open market contracting opportunities, you may be encouraged by one of your Contracting Officers to get on a GWAC.