Intellectual Property and the NDAA 2018

© zenzen – Fotolia.com

Early in 2018, Edmund Amorisi of Smith Pachter McWhorter PLC and and Bill Walters of Dixon Hughes Goodman LLP presented a comprehensive summary of the key provisions of the FY 2018 NDAA. As they explained, Sec. 802 emphasizes DoD’s ongoing interest in intellectual property issues.

It directs DoD establish a “cadre of intellectual property experts” to “ensure a consistent, strategic, and highly knowledgeable approach to acquiring or licensing [IP] by providing expert advice” to the acquisition workforce. Sec. 802 also authorizes DoD to contract with a private-sector entity for “specialized expertise” to support the cadre.

Currently there are FAR and DFAR provisions to protect intellectual property, both the portion that the government should own after something new is developed, and the portion that the contractor brings to the table. However, this expertise does not exist in the regular contracting workforce. So this provision really goes into detail about intellectual property and directs the DoD to establish some intellectual property expertise that they can use.

Any company with an innovation will have a real issue about bringing their innovation into the contracting community because they may not be properly protected to keep their IP. Too often contractors don’t pursue their innovative ideas because they don’t want their innovation to become the property of the government.

So this provision is really about allowing innovation to play a part, and that’s a very good thing.


The 3 Most Critical Elements of a Small Business Cybersecurity Plan

© nd3000 – Fotolia.com

This is a guest post from Tonya Buckner of BucknerMT Management & Technology, Inc.

In a previous post, we looked at the disturbing prevalence of cyber-attacks, and how small businesses are especially at risk.

As of December 31, 2017, any company wishing to work with the government is required to have a documented cybersecurity plan. This is an excellent opportunity to make sure your business is prepared for this inevitable threat.

The three critical elements of a cybersecurity plan

1. People

• Requires executive leadership commitment to security
• Train and educate employees about cyber threats and hold them accountable
• Require employees to use strong passwords and to change them often

The bottom line is that employees should participate in identifying and protecting your business from security incidents. Ultimately, your goal is to build a culture of cybersecurity that includes employees knowing how to protect themselves and the business.

2. Processes

• Create a cybersecurity policy for your business
• Develop procedures for safeguarding employee, vendor, and customer information
• Establish security practices and policies to protect sensitive information
• Include protocols/processes that employees must follow in case of a breach

3. Technology

Although all three are critical, the technology is the most critical element of a cybersecurity plan.

• Update computers and software
• Regularly update your computers, including desktops, laptops, and mobile devices
• Ensure operating systems, software applications, and web browsers are up to date
• Encrypt data and create backups
• Regularly backup the information so if information is stolen, you will have another copy somewhere else
• Limit and control access
• Unauthorized personnel should not have access to company computers and accounts
• Secure your infrastructure (physical location, network, etc.)
• A business’s Wi-Fi can be an easy way to access data; secure your Wi-Fi so only authorized personnel can access it.

If you become a victim of a breach take the following steps:

Act immediately
• Contact your IT team, legal counsel and cyber liability insurance agent

Contain the breach
• Take affected systems offline, but don’t turn them off – that way your IT team can examine the source of the breach

Document every step
• Authorities will need to know these details

Communicate clearly
• Ensure affected groups are made aware of the issue and the steps being taken

A great cybersecurity resource is the United States Computer Emergency Readiness Team (US-CERT), who distributes bulletins and alerts. It provides information for both technical and non-technical users, shares cybersecurity tips, and responds to incident, phishing, and vulnerabilities reports.

It is imperative that businesses exercise breach preparedness and readiness in order to remain competitive in today’s marketplace. Cybersecurity strategies are not optional; they need to be regarded as a core activity in your business.

BucknerMT Management & Technology, Inc. (BucknerMT, Inc.) is a verified service-disabled veteran-owned small business (SDVOSB) and woman-owned small business (WOSB). Since 2007, they have supported the Department of Defense (DoD), Defense Information Systems Agency (DISA) by providing engineering, integration, and sustainment solutions to protect its critical military infrastructure, platforms and data. Department of Defense is the highest level of cyber protection.


Cybersecurity: What Your Small Business Needs to Know

© SolisImages – Fotolia.com

This is a guest post from Tonya Buckner of BucknerMT Management & Technology, Inc.

“I am convinced that there are only two types of companies: those that have been hacked and those that will be.”Former FBI Director Robert Mueller

The City of Atlanta, Amazon, BlueCross BlueShield, Disney, Equifax, Home Depot, Microsoft, Sony, Target, and Yahoo. What do all these companies have in common? These are large organizations with massive infrastructure. If it can happen to them, it can definitely happen to you. Small businesses are the heart of the US economy and yet we are some of the most vulnerable to the threat of cyber attacks.

Cyber-attacks are growing every day, from influencing major elections to crippling businesses overnight. Consider these statistics:

  • There is a hacker attack every 39 seconds, affecting one in three Americans each year
  • 64% of companies have experienced web-based attacks
  • 62% experienced phishing & social engineering attacks
  • 59% of companies experienced malicious code and botnets and 51% experienced denial of service attacks
  • The average cost of a data breach in 2020 will exceed $150 million by 2020, as more business infrastructure gets connected
  • In 2017, 61% of small businesses experienced cyber-attacks
  • 60% of all small businesses go out of business within six months of experiencing a cyber-attack

(Source: Verizon Data Breach Report)

Most disturbingly, the same report found that 90% of small businesses do not use any data protection to secure their company and customer information.

As small business owners, we often find ourselves “laptop road warriors,” working in our cars, at Starbucks, on a plane, in a restaurant, or in a hotel room, just to name a few. Yet these environments are playgrounds for cyber attackers. Public Wi-Fi systems are unsecure and a gateway for hackers to access your system and steal your information. By using them you are exposing yourself to the world.

It is important to take proactive steps to combat cyber attacks to protect your company and your customers’ information, as well as to avoid excessive financial cost. It is critical that you do not underestimate the effect cyber warfare can have on your business.

Cybersecurity refers to a set of techniques used to protect the integrity of networks, programs and data from attack, damage or unauthorized access, ensuring the integrity, confidentiality and availability of information. It represents the ability to defend against and recover from attacks by adversaries.

The first step to cybersecurity is to assess the current vulnerability of your organization. It is equally important to understand the cyber risks as your business grows, adding new technologies or functions. Once you understand the risks associated with your organization, you can better protect it from theft. Potential risks include:

  • Outdated and/or unlicensed hardware and software
  • Ineffective/nonexistent policies
  • Ineffective/nonexistent procedures
  • Lazy oversight/lack of training
  • Loose enforcement

In a follow up post, we’ll look at the most important elements of your small business’s cybersecurity plan.

BucknerMT Management & Technology, Inc. (BucknerMT, Inc.) is a verified service-disabled veteran-owned small business (SDVOSB) and woman-owned small business (WOSB). Since 2007, they have supported the Department of Defense (DoD), Defense Information Systems Agency (DISA) by providing engineering, integration, and sustainment solutions to protect its critical military infrastructure, platforms and data. Department of Defense is the highest level of cyber protection.


Commercial Item Contracting Changes in NDAA 2018

© piyaset – Fotolia.com

While we at TAPE provide services, other companies provide products, or a combination of the two. In terms of federal contracting, commercial items are all the things that are stuff, for example office supplies like pencils and paper clips.

What Sec. 846 of NDAA 2018 is trying to do is establish Amazon-like online portals where contracting officers and authorized people can simply go online and order their products and commercial items.

That would replace the current process, which in many cases is ordering these supplies off GSA schedules, and will make it easier and more efficient for government buyers to do their job. The problem is whether this takes away opportunities for competition. How do you regulate all of these things?

There is still work to be done to determine who is included in the portal, how search results are delivered, what kind of e-commerce portal do you create, and how this relates to the Federal Acquisition Regulation (FAR) and the Defense Federal Acquisition Regulation Supplement (DFARS).

Until we figure out these things, I don’t think this portal will happen immediately. There doesn’t seem to be a rush to implement this, and this might be partially because GSA sees this as a competitor to their own portal. But I also don’t think we’ll be waiting too long.


Bid Protest Changes in NDAA 2018

© sabelskaya – Fotolia.com

We’ve been taking a closer look at some of the most relevant changes to the 2018 National Defense Authorization Act (NDAA), which includes several provisions designed to reduce the number of protests.

According to the U.S. Government Accountability Office (GAO), “federal agencies are required to award government contracts in accordance with numerous acquisition laws and regulations. If a party interested in a government contract believes that an agency has violated procurement law or regulation in a solicitation for goods or services, or in the award of a contract, it may file a bid protest with our Office.”

With contracting dollars being so tight over the last 10 years, every loss was a big deal, and large losses in particular resulted in long and involved protests. This led to us seeing more and more contracts being protested, which is creating a lot of problems.

So there are a number of things that this provision attempts to do, including to increase the amount of information flow in the debriefing (see: how to take full advantage of a debriefing).

That’s a double-edged sword for both the government and the contractor. On the one hand, it will help bidders better understand the decisions and help them shape future proposals for more success.

For example, they will now allow businesses pursuing contracts of $100 million or greater to see a redacted version of the source selection decision document. This is the recommendation document that goes to the source selection authority (SSA) – the panel that decides who to select among the bids – and is an incredible source of information. Small businesses may request the same disclosure for contracts valued at $10 million or more.

On the other side, these changes will produce a lot more documentation and paper trails, and sometimes when a contractor learns more about a decision, it actually increases the possibility of protest.

Another potential down side is a potential pilot program of charging protesters if they’re unsuccessful when a protest is made and denied. This compensates for the fact that the government has to spend money to defend the protest.

That means you’ll have to really think twice because there is the potential to incur hard costs (where before it was just your legal fees).

The hope in all of this is to get rid of frivolous protests that are only meant to extend existing contracts. Unfortunately, some incumbents who are about to be replaced start a protest knowing that for the 4-6 months while it’s in process, they can still be performing and collecting their money. While the protest is going on the government is prohibited to hire the new company. This is an unfair practice and definitely needs to stop. Time will tell if these changes are successful in doing that.


Acquisition Threshold Changes in NDAA 2018

© ivector – Fotolia.com

Simplified acquisition is “a contracting method which seeks to reduce the amount of work the government must undertake to evaluate an offer. Because source selection is less arduous under simplified acquisition, the dollar value of contracts allowable under simplified acquisition …is capped.” (Georgia Tech Contracting Education Academy.)

In the NDAA 2018, this simplified acquisition threshold increased from $100,000 to $250,000, in order to expand opportunities and increase participation of small and disadvantaged businesses – service-disabled, women-owned, small, and small disadvantaged (what used to be known as 8(a)).

What that means is that contracts valued up to $250,000 – a pretty fair amount to most small businesses – don’t have a justification and authorization requirement (known as a J&A). The government contracting officer can just issue a purchase order to the small business.

The Truthful Cost or Pricing Act (TINA) (previously known as the Truth in Negotiations Act) was instituted to protect government agencies from unfair pricing practices by contractors. NDAA 2018 also bumps up the threshold for which contracts need this particular oversight – from $750,000 to $2 million. From a government standpoint, this means fewer regulations associated with a larger pool of contract dollars.

As we head into the year-end federal purchasing blitz, everybody just got their budgets and they have to spend all of their money by September 30th. These changes give small business contractors important opportunities to get bigger amounts of money in sole sourcing.


Trends in Government Contract Financing

© Burlingham – Fotolia.com

This is a guest post by Katie Bilek of Republic Capital Access.

Small businesses face a unique set of financial challenges as federal government procurement has evolved over the past few years. Here are some recent trends that stress small businesses:

Awards too large for a company’s financial wherewithal

The nature of the federal contracting environment has led to many out-sized contract awards to small businesses. It’s not uncommon for us to see a contractor win work that is at least 3 to 4 times the size of their existing portfolio of contracts. In many cases, this may be the result of desired efficiency, where a contracting officer chooses to merge multiple legacy contracts into a single vehicle.

More frequently, contracts are “flipped” from full and open to a small business preference (such as HUBzone, SDVOSB, etc.) to achieve set-aside goals, introducing the potential awardee to what was previously a large business task, most likely at the high end of their NAICS ceiling. It is important to have a financial institution that is prepared to triple or quadruple the size of your existing financing upon contract award.

Cost of pursuing indefinite delivery, indefinite quantity (IDIQ) and blanket purchase agreement (BPA) contracts

While multi-billion (or trillion) dollar contract ceilings sound enviable for any small business owner, IDIQ/GWAC and BPA contracts are merely a license to hunt. We have seen many small businesses expend nearly all of their resources and cash reserves to win large IDIQ contracts. When they finally pursue task orders and hire key personnel in advance of execution, many lack the capital to perform the work.

Focus on cash flow projections and choose a financial partner who can provide financing based upon the creditworthiness of your government customer and contract, not your balance sheet.

Requirement to have financing in place in order to be compliant with bid

We have seen increasing scrutiny on the part of contracting officers to make sure small businesses can demonstrate financial capability to execute the contract in compliance with the FAR.

Many solicitations now require a financial capability letter from a financing institution citing the solicitation, description and a financing facility equal to at least three months’ worth of billings in. Your financial partner should be able to provide this commitment letter at no cost for future contract awards.

Challenges related to financing joint ventures

Unpopulated joint ventures are a popular teaming vehicle, yet the unpopulated joint venture structure itself often struggles to qualify for stand-alone financing without significant capital contributions or guarantees from its participating partners. Even when the JV partners maintain their own bank lines of credit independent from the JV, those banks are often unwilling to extend credit to the JV as an external entity.

Find a financial partner who will underwrite the unpopulated joint venture without requiring capital contributions from either party. This is done via non-recourse receivables financing.

Surges and volatility of product procurements

For value-added resellers, the federal fiscal year-end results in the lion’s share of revenue. For our small business friends holding NASA SEWP, CIO-CS and other contract vehicles, a combination of receivable and vendor financing is critical to executing large product orders.

While vendor credit programs can be affordable sources of financing, not all small business balance sheets can support 8-figure product orders on vendor credit alone; the non-recourse sale of receivables to pay vendors and manufacturers completes the financing package that allows resellers to execute during peak seasonal times. Choose a financial partner with a vendor financing solution with adequate availability for your largest product orders.

Loan sharks in sheep’s clothing

The prevalence of online, financial technology (FinTech) loans is startling. These fast money products are basically like an electronic version of payday loans for businesses, usually priced well above 30%.

They dress their virtual storefronts up in any manner of ways: the jeans-and-t-shirt, San Francisco techies; the self-proclaimed veteran lovers invoking images of patriotism, the Buy by Midnight! used car salesmen and the not-so-subtle cash advance lenders.

All of these lenders hawk financial products that are priced higher than most small business government contractor margins can support. Beware of online lenders, and always read the fine print; even if they tell you “It’s only 9%!” share the proposal with a banker who can shed light on the real math.

Republic Capital Access (RCA) is a specialty finance company for government contractors. RCA’s product offering includes non-recourse receivables financing, unbilled (mobilization) financing, financial commitment letters, joint venture financing, term loans and more. Katie Bilek currently serves as senior vice president of Republic Capital Access. She is also co-founder of govmates and board member of the National Veteran Small Business Coalition. Katie lives in Alexandria with her husband Beau and son Jackson.

 


Multiple-Award IDIQ – How to Pick and Choose Targets That You Didn’t Bring to the Table

© noraneko – Fotolia.com

We’ve been discussing multiple-award IDIQ contracts and what to do once you’ve won one. The most important thing to remember is that there is no guarantee you’ll be awarded the work.

In some cases, you can give yourself an advantage by bringing your own customer or prospective customer to the table and setting yourself up to win. But what if you didn’t bring the customer? Is it still worth trying? It depends.

When it comes to multiple-award IDIQ contracts, the more detailed the proposal evaluation criteria and proposal instructions, the better – but only when you’ve worked with the customer to correspond those details to your company’s specific past performance. Otherwise, you could be putting yourself in competition with someone who did. Here are two specific clues that that’s the case:

  1. Key resumes – the more key resumes that there are, and the more detailed the resume requirements, the faster you should run away. If they’re specifying 10 or more key people and they have extensive requirements for what those key people need to have, you’re never going to win. Even if you were to find matching people, they’re not THE people that the customer wants. They wrote the requirements that way because they want a specific set of people.
  2. Past performance – similarly, if the proposal criteria include a whole host of technical systems and functions that you’re supposed to have done, it means the customer already has somebody in mind who has all those requirements.

So if you’re deciding whether or not to bid on a proposal for a customer you didn’t bring to the table, measure carefully against these two factors before making your choice.

Something else you might want to avoid when you’re considering potential multiple-award IDIQ proposals are LPTA (“lowest-price technically acceptable”) jobs. Most people who are successful at bidding on LPTA jobs have very, very low indirect rates. It is highly unlikely that you’re going to beat them at their game and still manage to keep your good people and your reputation with those people; and run your business successfully the way you want to run it; with the culture that you want to foster in your business.

At TAPE, we rarely if ever bid on LPTA jobs. The expectation is that you’re going to deliver the same qualified staff at a dramatically lower rate and we just don’t think we can do it, nor do we want do. It’s not the kind of culture we want to run.

So unless you brought the customer to the table and you’re fairly sure you’re the only one who can win, be very careful before choosing to bid on a multiple-award IDIQ task order.


Multiple-Award IDIQ Contracts – How to Make Sure You’re the Only One Who Can Win

© kraphix – Fotolia.com

Even when you win a multiple-award IDIQ contract, there is no actual guaranteed work. You still need to find customers who will award the work to you.

There are two situations where it’s easier to make sure you’re the only one who can win. The first is if there is a customer you’ve previously worked with, and the second is if you’ve done all the upfront work with a new customer who is ready and wants to buy from you.

In either case, when you are bringing a customer to the table in a multiple-award IDIQ you want to make it easy for them to choose you over the other companies in the mix, by advising them as they create their proposal instructions and proposal evaluation criteria.

The more detailed their criteria – and that those details are based on your actual experience – the more likely you will be able to eliminate the companies who don’t have the same exact requirements you have specified.

Aim to have the customer include these details:

  • The key people who will be involved in the work, along with their specific technical skills and the functions they perform
  • A requirement that these key people are current employees of the company
  • A performance work statement (PWS) and statement of work (SOW) that correspond closely to your company’s actual past performance

If you are successful in guiding the prospective customer to base their proposal evaluation criteria on these details, your own proposal will send a strong message that you are ready for this contract.

Will you have an unfair advantage? Certainly! The point is, if you’re going to try to make it so nobody else can win, you’d better be sure no one else can win. This is not about being fair; if you want to be fair, then you’re not going to do any of these things and you’re going to have more competition.


7 Steps for Innovators Wanting to Work with the Feds

© “Step” by Guido is licensed under CC BY 2.0

This is a guest post by Eileen Kent, The Federal Sales Sherpa.

1. Reach out to a Procurement Technical Assistance Center who can help your connection register with the federal government – it’s free, and SAM.gov is the site. If you want to learn more about it, listen to this episode of my blog talk radio show. It’s not rocket science – but it’s the first step a company needs to take first before approaching anyone in the federal government.

2. Find basic training if you’re dabbling in the market and doing it yourself. For a small investment (often under $100 and sometimes free), attend a few SBA-sponsored local events or PTAC-sponsored local events, or listen to some of my connections’ webcasts, podcasts, and webinars (including The Federal Sales Sherpa Show).

3. If you’re serious about this market, purchase one-on-one training from federal sales experts who have “been there/done that” – and can customize the material for your business and your services. This is only for those wanting to stand up a team member – or hit the ground running. It’s refreshing and time saving to hear a non-government sponsored training – because an expert giving you the training will tell you the realities of what it truly takes to win federal contracts.

My training is called, “The Federal Sales Game-How to Play to WIN!” but others have something similar. You and your team need to learn the difference between the goals of the contracting officer and your customer on the inside – the END USER – who will need what you sell. You need to find and capture their attention, imagination, pain, needs, and perceived solutions. You also need training on clearly understanding contracting vehicles. What is a GSA Schedule, IDIQ, BPA, GWAC? What are set asides, 8(a), SDVOSB, HUBZone, EDWOSBs? Know the difference and understand the power of having these contract “bridges” or partnering with someone who does.

4. Build a strong capabilities statement, with provable, quantifiable best values. Follow this document up with several past performance/case studies ready to present in a capabilities briefing, stand-up field meeting, or webinar.

5. Perform a competitive analysis of the data, which is available at your fingertips WITHOUT BUYING A SUBSCRIPTION. Know how to use all the tools available to you that can uncover which agency buys what you sell, from whom and with what contract vehicle, so you know who to approach, what to say and how to differentiate yourself from their current provider.

Only buy a subscription when you understand the data you’re looking at and you plan to DO something with the intel uncovered. One client of mine just got a renewal for a subscription which is $20k a year now for them. Stop the madness! Wrap your head around the intel and stop living in it. It’s time to take that intel and DO something with it, such as make decisions about which contract vehicles (like GSA, Seaport-e, GWACS and such) to keep and which to drop.

6. Build a federal sales action plan focused around the 3-5 agencies who buy what you sell. Stop stumbling around the public bid sites and randomly bidding on contracts you think are “perfect for us.” Start developing relationships and finding the end users and program managers making decisions about purchasing like-products/services as yours and execute that plan.

What do I mean by execute? Simple. Call. Email. Ask for directions. Call again. Email. Email. Call. Email. Visit. Present. Follow up. Call again. Check in. Follow through. Ask for referrals. Email., Call. Share an article or a whitepaper. Call again, and again, and again. Develop comfortable relationships with federal clients who start to share with you what’s really happening, and whether or not they need you now or later. If they don’t need you now, who would they call on if they were you? This is a long-term process of relationship building and you can’t hire a 100% commission sales person or a consultant to do it for you. This needs to be someone who is involved with your company – invested. You need the A-Team out front. Customers don’t want to talk to someone who represents you – they want to talk to YOU.

7. Train your team on proposal writing and have a standby proposal consultant ready to help if you have a sudden need to respond to an RFP/RFQ. But understand the process so you don’t waste a dime on misunderstandings between you and your proposal team. You need to have a strong bid/no bid process so you don’t waste a minute on a loser. You need to understand win themes, evaluation criteria, the past performance you need to submit which fits the opportunity perfectly, the technical, and more. If you don’t, get training and find a strong proposal team. Put this statement on your wall: We Only Write Winning Proposals.

About the author: Eileen Kent is The Federal Sales Sherpa and helps companies one-on-one with training on the federal sales game, a deep dive competitive analysis on who buys what you sell from whom and with what contract vehicles and then she builds you a custom federal sales action. If you’re serious about this marketplace and ready to hit the ground running, contact Kent at 312-636-5381.


css.php