This week on NVTC’s blog, member company Venable shares “Performance Requirements and Small Business Contracting,”part two of their five part series on the SBA’s Proposed Rules to Implement the 2013 NDAA. This post focuses on identity of interest, size protests, NAICS appeals, and certificates of competency.


Identity of Interest 
The SBA’s proposed rule clarifies what constitutes an “identity of interest” leading to affiliation. The current regulation states that affiliation arises when two or more people or entities “have identical or substantially identical business or economic interests.” The proposed rule specifies in more detail that “firms owned or controlled by married couples, parties to a civil union, parents and children, and siblings are presumed to be affiliated with each other if they conduct business with each other.” This presumption is rebuttable, and can be overcome by demonstrating a “clear line of fracture.” Notably, under the proposed rule, types of familial relationships other than those specified expressly do not lead to a presumption of affiliation.The SBA also proposes a presumption of identity of interest by virtue of economic dependence if a concern derives at least 70% of its receipts from another entity. The current rule does not specify an exact percentage that leads to economic dependence, and the SBA believes that this additional guidance will offer greater clarity. The proposed rule indicates that this presumption can be rebutted, for example when a new entity has only received a few contracts.

The Bottom Line: What You Should Know

Contractors should carefully evaluate and track their existing relationships to ensure unintended affiliations have not arisen. The proposed rule also offers significant additional guidance to contractors moving forward, by specifying exactly what familial relationships and percentage of economic dependence lead to a presumption of affiliation. Contractors should bear in mind, however, that even if their business relationships do not trigger a presumption of affiliation via identity of interest, the SBA still considers affiliation under a totality of the circumstances; other factors, therefore, could still lead to a finding of affiliation.

Size Protests

The SBA’s proposed rule would redefine the parties that have standing to file a size protest. The proposed change refines the language to allow “[a]ny offeror that the contracting officer has not eliminated from consideration for any procurement related reason, such as non-responsiveness, technical unacceptability or outside of the competitive range,” to bring a size protest. According to the SBA, the “intent is to provide standing to any offeror that is in line or consideration for award,” but bar protest by offerors that have been eliminated for reasons unrelated to size.

Additionally, the SBA proposes to add a regulatory provision authorizing the SBA’s Director, Office of Government Contracting, to initiate a formal size determination in connection with eligibility for Service-Disabled Veteran-Owned as well as Women-Owned and Economically-Disadvantaged Women-Owned small business concerns.

The Bottom Line: What You Should Know

Under the proposed rule, contractors will have more clarity as to the circumstances under which they may bring a size protest. The proposed rule is explicit that entities eliminated from a competition for procurement related reasons do not have standing to initiate a size protest. Moreover, contractors should be aware that the SBA Director, Office of Government Contracting, may initiate a formal size determination.

NAICS Appeals

The SBA has requested comments on the appropriate timeline for filing a NAICS code appeal. Currently, a company must serve and file an appeal from a contracting officer’s NAICS code or size standard designation “within 10 calendar days after the issuance of the solicitation or amendment affecting the NAICS code or size standard.” This current rule was designed to work within procurements where offerors have 30 days from the date the solicitation is issued to submit an offer. However, in light of the fact that the 30-day window is not applicable to all procurements, and that NAICS code appeals are frequently decided within days of the procurement closing, the SBA is analyzing whether the rule is adequate for those procurements that do not require offerors to submit offers within 30 days after the solicitation is issued.

To determine an appropriate timeline, the SBA intends to consider the following factors:

  • How much time does the contracting officer need to amend the solicitation and notify interested parties of the pending NAICS code appeal?
  • How much time is needed for an interested party to draft and file a response to the NAICS code or size determination?
  • How much time is needed by the Office of Hearings Appeals to review the record and determine whether the NAICS code assignment “is based on a clear error of fact or law and issue a decision?”

In addition, the SBA seeks comments on what impact a NAICS code appeal should have on a solicitation. The current regulations require a contracting officer to “stay the solicitation.” The SBA seeks comments on whether the regulations should be amended to state that the contracting officer or the agency should delay the response date for the bid or offer.

The Bottom Line: What You Should Know

Contractors should continue to monitor this provision to see whether the timelines for a NAICS code appeal are amended. If there ultimately is a change, contractors must ensure that appeals and any comments thereon are timely.

Certificates of Competency

The SBA proposes to amend the Certificate of Competency (COC) Program where an apparently successful offeror for an IDIQ task order or contract is found non-responsible due to its financial capacity. Under the proposed change, if a contracting officer finds an offeror for an IDIQ task order or contract non-responsible due to its financial capacity, the SBA Area Director would review the concern’s “maximum financial capacity.” Should the Area Director issue a COC, it will be for a specific amount that sets the limit of the firm’s financial capacity for that contract. While the proposed change permits a contracting officer to exceed this amount, it prohibits the contracting officer from denying the firm an award based on financial grounds if the firm has not reached the identified capacity limit set out in the COC.

The Bottom Line: What You Should Know

Under the proposed rule, small businesses must take reasonable steps to ensure that they can readily demonstrate a high maximum financial capability. If a COC is issued that establishes the firm’s maximum financial capability, companies should monitor their financial capacity so that they are in a position to persuade the contracting officer to exceed the financial capacity limitation, or ensure that they do not pursue a task order that might put them over their identified financial capacity and potentially render them ineligible for contract award.

Submitting Comments

Contractors wishing to submit comments on these proposed rules can do so through regulations.gov by searching for RIN: 3245-AG58. Comments are due by February 27, 2015.


Continue following Venable’s Small Business Series for additional analysis and take-aways from the SBA’s proposed rule implementing the 2013 NDAA. If you have any questions about how these proposed rules could affect your business, please contact any of Venable’s authors: Keir BancroftPaul DeboltDismas LocariaRob BurtonRebecca PearsonJames BolandNathaniel Canfield, or Anna Pulliam.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, member company Venable shares “The Limitation on Subcontracting and Small Business Subcontracting Plans,”part 1 of their five part series on the SBA’s Proposed Rules to Implement the 2013 NDAA. 


The current limitation on subcontracting rule, or the “50 percent rule,” requires small business prime contractors on set-aside services contracts to incur no less than 50 percent of the cost of performance for labor. A similar methodology applies to materials and construction contracting. To implement requirements of the 2013 NDAA, the SBA proposes to alter the rule as follows:
No more than 50 percent of the amount paid by the government to the prime may be paid to firms, at any tier, that are not similarly situated, and in addition

  • Any work that a similarly situated entity subcontractor further subcontracts to an entity that is not similarly situated will count toward the 50 percent subcontract amount.
  • A similar 50 percent limitation applies to the amount paid by the government for supply contracts; a 15 percent limitation is applied to the amount paid by the government for construction contracts.

Accordingly, under the new rule a small business prime is barred from subcontracting more than 50 percent of the amount paid by the government under the prime contract, unless a subcontract is to a similarly situated entity, i.e., a subcontractor with the same small business program status as the prime contractor. Thus, a HUBZone small business prime contractor can subcontract to another HUBZone small business subcontractor without it counting toward the 50 percent limitation. That HUBZone small business prime contractor, however, will have to count a subcontract to a woman-owned small business toward the 50 percent limitation, because it is not a similarly situated entity.

The SBA has gone a step further from Congress. The 2013 NDAA focused only on prime contractor restrictions. This limitation, however, could allow a similarly situated subcontractor – to which the 50 percent limitation does not count – to further subcontract some or all of the value of its contract to a large business. Thus, on a $100,000 set-aside, a HUBZone small business prime contractor could subcontract $75,000 of the amount paid by the government to another HUBZone small business. That subcontractor, in turn, could subcontract some – or all – of its subcontract to a large business. The SBA proposes to block that loophole by imposing limitations to contractors at any tier, and specifies that subcontracts to entities that are not similarly situated will count toward the rule’s limitations. This would bar the HUBZone small business subcontractor in the example above from subcontracting too much work to a large business subcontractor.

The wording of the proposed new rules also would dramatically simplify the methodology for determining how the percentage of subcontracting is calculated. For both services and supplies, the percentage is calculated simply as a percentage of the amount paid by the government to the prime. This is a substantial change from the current calculation methodology, as services contractors who have spent time and effort determining the “cost of contract performance incurred for personnel” will attest.

The SBA has proposed significant penalties for small business prime contractors that misrepresent compliance with the rule. Those penalties include imprisonment for up to 10 years, and a fine that is the greater of $500,000 or the dollar amount spent in excess of the permitted levels for subcontracting.

The Bottom Line: What You Should Know

Under the SBA’s proposed rule, small business primes must be vigilant in tracking the amount of work subcontracted throughout their subcontracting chain, particularly the work subcontracted by similarly situated entities. Failure to keep track of subcontracting could result in the contracting team exceeding the 50 percent limitation on subcontracting without the prime contractor’s knowledge, and risk an accusation that the prime misrepresented compliance with the rule.

Small Business Subcontracting Plan Requirements

The SBA proposes to toughen up requirements pertaining to small business subcontracting plans, which could have significant consequences for large business prime contractors.

  • Reporting Fraudulent Activity or Bad Faith: The SBA proposes to allow small business concerns and commercial market representatives (CMRs) to report fraudulent activity or bad faith behavior by large business prime contractors with respect to their subcontracting plans. Reports would be made to the SBA’s Area Office where the firm is headquartered.
  • Strengthening Corrective Action Plans: Large business prime contractors failing to provide a written corrective action plan after receiving a marginal or unsatisfactory rating for their subcontracting plans will be subject to material breach of contract, which will be considered in the contractor’s past performance evaluation.
  • Data Collection and Reporting: The SBA proposes to require agencies to collect, report, and review data on the extent to which each contractor meets its goals and objectives as set out in subcontracting plans.

This proposed rule, coupled with the recent rule allowing small business subcontractors to communicate directly with contracting officers about a lack of payment, will affect how large business prime contractors and their small business subcontractors interact. Failure by a large business prime contractor to reconsider a strained relationship with a small business subcontractor could lead to an allegation of fraudulent activity or bad faith with respect to small business subcontracting plan compliance. This proposal by the SBA leaves no recourse for the prime contractor to respond to allegations of fraudulent activity or bad faith, which could have significant adverse effects for contractors.

The Bottom Line: What You Should Know

Under the SBA’s proposed rule, large businesses must be aware of increasing scrutiny about small business subcontracting. The SBA’s proposed rule does not specify that any of the data collected on its subcontracting plan will be limited. Therefore, representations as to plan compliance under one contract must be consistent with plan compliance under another contract, or a large business prime runs the risk of allegations of making false statements to its agency customers.

Submitting Comments

Contractors wishing to submit comments on these proposed rules can do so through regulations.gov by searching for RIN: 3245-AG58. Comments are due by February 27, 2015.


Continue following Venable’s Small Business Series for additional analysis and take-aways from the SBA’s proposed rule implementing the 2013 NDAA. If you have any questions about how these proposed rules could affect your business, please contact any of Venable’s authors: Keir Bancroft, Paul Debolt, Dismas Locaria, Rob Burton, Rebecca Pearson, James Boland, Nathaniel Canfield, or Anna Pulliam.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Information Stewardship: Our Role in the 21st Century

February 23rd, 2015 | Posted by Sarah Jones in Guest Blogs - (Comments Off)
Today on NVTC’s blog, guest blogger Sean Tibbetts of member company Cyber Timez Inc. discusses our roles as information stewards of the 21st century and our responsibility to ensure that data is used efficiently, accurately, positively and safely.

With Great Power Comes Great Responsibility

Sean Tibbett

Sean Tibbetts

Information Technology has become a pervasive force at all levels of organizations whether their focus is government, business, recreation, education or a combination of them all. Device convergence has resulted in the technology utopian goal of constantly connected devices in the hands of data consumers providing access to information that has never been easier. The phrase “with great power comes great responsibility” has never been more true than in our modern, connected culture. Information is power and the more information for which we are responsible the more power we directly or indirectly inherit. As the Information Stewards of the 21st century it is our primary responsibility to ensure this data is used efficiently and accurately for the betterment of those who both give and receive the information we provide while avoiding causing harm to those that provide that data to us.

Data Driven Decision Making

Data driven decision making is key to the success or failure of any technology connected effort. The Internet may be the greatest tool ever released on mankind for “leveling the playing field” when it comes to access to pertinent data for decision making processes. Organizations from a one man jack-of-all-trades to companies employing tens of thousands of people all require access to data to determine which efforts are working well versus areas needing further scrutiny. As we review the type and content of the data they need it becomes clear that the requirements of any organization regardless of size tend to be the same: accurate data resulting in actionable information. Most organizations recognize that they need access to information about the client base they serve. This information can be categorized into three repeatable, programmable and usable data silos resulting in tools better enabling decision makers to reach organizationally positive conclusions.

Usage Data

The first and probably most obvious data silo is usage data. Whether tracking website views or app taps every organization needs to know how their information is accessed and used. Usage data may be as simple as how many times a page was loaded to a more complex model of how many times a page was loaded by operating system and browser sorted by time on site from specific referrers. Suddenly determining what should be “above the fold” on that simple web page isn’t so simple. Luckily for technology solutions of any size there are a myriad of tools available both free and for a fee that provide this type information in multiple forms from simple graphs to complex data slices represented with exportable pivot tables. Using this data to help guide our decision making process ensures users get the information they need.

Location Data

The second largest data silo used for decision making tends to be based on location data. Location data can vary from where a user is standing in a store aisle using Bluetooth beacons to an approximation of what country they are in based on IP address. Understanding where a user is physically combined with the how they use your tool provides greater insight into what type of data should be delivered to them at the appropriate place. If we know the country in which the user is in then our information needs to be translated to the appropriate language with useful local references. While using location data can be extremely valuable for technologies such as push notifications for sales at a nearby retail outlet, technologists also need to always keep in mind the privacy concerns and rights of their users. Using location and usage data together help guide our decision making process to ensure users get information they need in the place they need it most.

User Demographics

The third, and likely most valuable, data silo is user demographic information. Demographics can be as simple as knowing a user’s gender or as complex as gender based purchasing decisions sliced by median income in a given zip code. User demographics are a powerful decision making tool, but must be managed efficiently. While combining web search histories with current location data and gender information to push advertisements for certain products may be a good thing; it could also be very damaging if a child is using the device and suddenly gets an advertisement for lingerie because they walked past the ladies section of the store. Understanding the demographics of whom the current user is is critical and key to any information presentation model. Using demographic, location and usage data together help guide our decision making process to ensure the right users get the right information in the right place.

Conclusion

All of this data collection leads us to one conclusion: accurate data is absolutely necessary for decision making. We stand on the greatness built by the generations before us. They gave us the Internet, TCP/IP stack and the World Wide Web to gather and exchange information. As the Information Stewards of the 21st century it is our job to ensure that these tools are used to provide the best user experience possible by combining the most accurate data available in a manner that results in the ultimate goal of all data collection: actionable information. Technologists today should have their own Hippocratic Oath and take it to heart: I will collect and provide data for the good of my users according to my ability and my judgment and never do harm to anyone.


About the Author
Sean Tibbetts is the CEO and co-founder of Cyber Timez Inc. His information technology career spans over 20 years beginning as an owner/operator of a classic dial-up bulletin board system and as a contributor to multiple open source projects in the early nineties. He has participated on and led teams to design, develop and implement case management systems, the world’s fastest OCR and data entry engines and health care data mining systems. His current focus is on mobile technologies with a strong focus on wearable devices and the Internet of Things.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

3 Reasons Why M&A Will Continue to Thrive in 2015

February 17th, 2015 | Posted by Sarah Jones in Guest Blogs | Member Blog Posts - (Comments Off)

This week on NVTC’s blog, guest blogger Gretchen Guandolo of member company Clearsight Advisors discusses the success of M&A in 2014 with the return of gargantuan deals, largely seller-friendly transaction structures and premium valuations, and offers three reasons why 2015 will be just as successful.


dollar-exchange-rate-544949_1280In what was widely considered a banner year for M&A, 2014 was the return of gargantuan deals, largely seller-friendly transaction structures and premium valuations. In spite of the turbulent equity markets being driven by fluctuating oil prices, a gathering storm in Europe, and uncertainty around rising interest rates, we at Clearsight are already seeing the makings of a very big M&A year. Globally, investment banks are seeing increased deal flow and expanding pipelines. Our team is already out to market with several deals that are garnering high demand and premium valuations from a number of unique buyer groups. We expect the rising M&A tide to continue through 2015, as we believe demand for niche leadership positioning, strong growth trajectories, and seasoned management teams is unlikely to dissipate. First, a few fun facts from 2014 that will continue the momentum through 2015:

  • In 2014 there was $3.5 trillion worth of global M&A activity, which is up 47 percent from the year before
  • Global private equity investments totaled at $561.9 billion. That’s the highest figure since 2007, and a 43 percent bump over 2013 – with 60 percent of 2014 buyout activity focused on add-on investments
  • Venture capitalists disbursed a massive $87.8 billion (compared to $50.3 billion for 2013) via 7,731 deals
  • Companies raised around $249 billion in global IPOs in 2014, which was the busiest year for new listings since 2010

So what do we expect for this year?

  • There is likely to be a frenzy of activity in certain verticals, including: healthcare, energy and technology. Technology continues apace with no sign of slowdown and while the energy sector is harder to predict, one thing is clear – disruption in a regulated industry makes for a great M&A environment
  • Investor interest in certain technologies is likely to grow. Some of our favorites include: customer experience, big data, and human capital management. Technologies that enable us to get into the minds of customers and lead them on a journey to experience and buy a product has become the goal of retailers, financial services companies and even government! We see the market of big data continue to evolve and mature. This year will be a great growth year for data analytics consulting businesses who leverage Hadoop and other open source technologies to deliver predictive behavior, lower costs and drive increased revenue. Human capital technologies will continue to surge as employers seek out the best talent and retain and train individuals in a hyper competitive market.
  • As seen in 2014, both private equity and strategic acquirers will drive robust market competition. Nearly all of our processes include both strategic and financial buyers and as private equity grows increasingly aggressive in pricing in an effort to put money to work, we see strategic buyers dominating 2015.

Growth will continue to be the main driver of valuations throughout 2015. Premium multiples go to the companies with a demonstrated high growth track record and robust pipeline for future growth. Growth eclipses profitability through 2015.

 

 

 

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, the NVTC Digital Strategy Committee writes about the group’s recent event on digital strategy and public safety, featuring Fairfax City Fire Department Chief Richard R. Bowers, and how it revealed several very interesting and useful challenges for the NOVA business community.


The Northern Virginia Technology Council’s (NVTC) Digital Strategy Committee (#nvtcdigstrat) recent event regarding Digital Strategy and Public Safety, featuring Richard R. Bowers – Chief, Fairfax Fire Department – revealed several very interesting and useful challenges for the NOVA business community.Not least of which was the current challenges around focused, resourced digital strategy planning across the County constituent agencies, and among local jurisdictions.Many targeted capabilities and improvements in “front-end” digital tools, outreach and engagement, plus initiatives on the “back-end” to handle system-specific data and information management are certainly underway, but information-sharing among the public safety stakeholders – businesses, government and the public – remains a strategic planning, governance and education hurdle to address. In other words, a B2G2C digital strategy challenge.NVTC Digital Strategy with Fairfax Fire Chief Richard Bowers

“Simplicity” was a key concept – that seems hard to maintain in the first responder settings, particularly with the profusion of both new technology equipment and situational data. Chief Bowers illustrated the challenge with local EMS responders – on route or on scene -having to quickly use and interact with at least 5 separate kinds of equipment:

  • EPCR (Electronic Patient Care Reporting)
  • CAD (Computer Aided Dispatch)
  • MDC (Mobile Data Computers)
  • NCR (National Capital Region) Patient Tracking System
  • Mobile Phones, iPads and Radios

The variety of interfaces, variety of data granulation, variety of authentication methods – it all adds up to what can be a burdensome expectation on responders, which creates higher risk in areas of data quality and security, process coordination and mission efficiency. This hinders, therefore, the ability of the entire responder community to deliver optimal outcomes – in spite of the number and types of technologies available and in use.

Furthermore, as the technologies available to both the responders and the public become more pervasive, easy to operate and use – for collecting or contributing incident reporting, sensory feedback and overall situational awareness data – it’s simply too difficult to add these inputs to the mix in a way that avoids information overload, or worse, information degradation or errors. There’s no common information architecture that anticipates a proliferation of device inputs, mobile and social channels.

A standard “dashboard” visualization service for use in the field, to quickly access the various systems and growing information sources, was also mentioned as a highly-desirable capability – particularly a dashboard to sensitive systems and protected information in a BYOD environment – i.e. on personal cellphones or tablets. A related need surfaced above the actual dashboard of the response vehicles and fire engines – actually having “heads up” display on the windshield of incident information, particularly GPS and route data.

Fairfax 2015 Police and Fire Games

The Committee was also briefed on the upcoming World Police and Fire Games, coming to Fairfax County at the end of June this year (2015). It’s anticipated that over 12,000 athletes and family/guests (over 30,000 in all) will attend the games, and that Fairfax County will experience tremendous global attention, regional pride and local economic benefit from hosting the event. Over 2000 volunteer slots remain open, along with many sponsorship opportunities for businesses, organizations or individuals. The Fairfax 2015 Games Website maintains all information for athletes and all other participants, from local accommodations and event venues, to a robust social community and online marketplace.

The NVTC Digital Strategy Committee looks forward to more collaboration sessions with the Northern Virginia public safety and First Responder community, and will continue to support information-sharing about B2G2C digital strategies.

Thanks to the NVTC event sponsors, speakers, coordinators and volunteers, including:

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, NVTC member company Carpathia discusses the upcoming year, predicting a transformative 2015 for government agencies and enterprises.


At the start of a new year we have the opportunity to look ahead and think about what trends will likely shape the coming months. 2015 is poised to be transformative for government agencies and enterprises, as an increasing number of organizations look to modernize their computing environments, expand their focus on secure and compliant hosting, and meet the growing demands of an increasingly mobile workforce. What trends will we see emerge this year?

Here are the top seven predictions we see for 2015:

  1. Hybrid Cloud Grows Up and “Gets Real” – Out of the buzz created by incredibly rapid IT technology advancements, the industry will finally emerge with a firm understanding of the gamut of “hybrid” options thanks to best practices derived from real-world cloud deployments.
  1. Compliance’s Operational Impacts Will Continue To Expand – Are your prepared to pass that next audit? After years of struggling with time-consuming and complex compliance processes and procedures, enterprises, agencies, and auditors alike will be even busier! But there is some light at the end of the tunnel – and it comes in the form of automation.
  1. Privacy Will Be Everywhere – Whether it’s electronic protected health information (ePHI) driven by ACA or information traveling between public and private cloud environments, harnessing and protecting data will be a focal point of every government and enterprise IT initiative.
  1. Agencies Get Cozier With Public Cloud – Government cloud computing adoption will hit its stride. Agencies will finally start moving a great number of workloads (and even some mission-critical ones) into the public cloud with FedRAMP authorized providers.
  1. Verticalized Cloud Communities Become the Next Boomtowns – There’s no one-size-fits all when it comes to cloud. As a result, industries with common compliance standards, such as healthcare, will turn to cloud service providers that can act as community organizers or hubs. In 2015, we’ll see the increasing emergence of vertical-centric cloud communities that can effectively cater to industry-specific needs and requirements.
  1. New Tools Will Enhance Infrastructure and Application Performance – Spurred on by rapid software development, software-defined networks, and faster hardware technology, rapid maturation of industry tools and services will help organizations enhance the performance of IaaS, public, private and hybrid cloud solutions in the coming year. Expect affordable resources that will extract even more value in the form of greater flexibility, security and self-service, alongside service-focused offerings from providers.
  1. Real-time Data-Centric Decisions Are the New Norm – In 2015, we’ll see IT-enabled data-centric decisions across platforms become common practice for many organizations. Deeper insight into usage patterns and greater visibility into network operations and performance across computing infrastructure will allow organizations to make better-informed decisions about workload allocations and respond faster to enterprise nee

Do you agree with Carpathia’s predictions? Let them know on Facebook or Twitter. In addition, follow NVTC on Facebook and Twitter! We would love to hear your thoughts on what trends will be game-changers in 2015.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Finding the Right Teaming Partner

December 22nd, 2014 | Posted by Sarah Jones in Guest Blogs | Uncategorized - (Comments Off)

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, Stu Funk of LMI and Amy Deora of Summit share teaming insights from a recent project.


Many factors drive teaming partner success. Whether you are looking for the right set of skills to meet client requirements, or the ability to quickly turn quality proposals, it is important to be strategic about teaming. Stu Funk of LMI and Amy Deora of Summit recently partnered on a cost savings analysis of the Department of Housing and Urban Development’s (HUD’s) energy investments. They share their insights on teaming strategy.

Q: What do you look for in teaming partners?

Stu Funk: We view small business partnerships as essential to LMI’s health. We look for small businesses with strong management that help us better understand client problems and meet niche needs. When an opportunity arose in support of HUD, we felt that Summit was a great fit, given its strong track record with the client. We also felt the project showed promise in advancing how agencies measure energy efficiency. Summit brought key analytical capabilities and organizational knowledge.

Amy Deora: We often look for the opportunity to be on a team where we can use our core competencies in partnership with a firm that has a different set of competencies, which ultimately allows us both to reach a greater breadth of projects than either firm could complete alone. For example, for our current partnership, LMI brings subject matter expertise in best practices in energy efficiency programs, whereas Summit provides methodologically rigorous utility consumption modeling, while other teaming partners bring expertise in affordable housing policy. In this way, we’re more than the sum of our parts and can provide comprehensive approaches to client problems.

Q: How does “culture” affect your choice in partners?

Stu Funk: As a not-for-profit consultancy, a client-focused culture means everything. We are fortunate that profit is not the driving force behind how we vet and deliver projects. We place our clients first and we like our partners to do so as well. We find this mindset makes a difference in the quality we deliver. Summit showed care for solving our client’s problem before worrying about the bottom line.

Amy Deora: Summit’s most fruitful teaming partnerships also come from mutual client focus. LMI has been a good fit for us because of this shared priority. In cases where teaming hasn’t worked well or we decide against embarking on the project together, it usually is because the firm lacks the same focus on client satisfaction.

Q: What do you bring to your teaming relationships?

Stu Funk: We strive to be an excellent teaming partner. While we need to consider the financial success and sustainability of our small business partners, we are committed to supporting them where we can — from offering access to project management systems to providing training and market intelligence. With Summit, we have discussed “capture” on other opportunities and our current work led to some new work for Summit within the same office.

Amy Deora: Even though Summit is a small business, we know it’s a two-way street when teaming with a larger business. We don’t just expect a large business to bring us opportunities; we need to provide them as well. We have strong client relationships and subject matter experts that can bring our partners, even those that are much larger firms, into new lines of business, or engage them to provide additional support on our ongoing projects. Small businesses can be the leader in this way, opening up networks for larger businesses, while benefiting from larger firms’ bench strength.

Q: What advice do you give someone who is testing the waters of a new teaming relationship?

Stu Funk: The ultimate goal with teaming partners is to craft a plan that solves a client problem. Make sure client needs are being addressed up front, so that you not only bid and price effectively, but you deliver on your promises. From the outset, you and your teaming partners should be in agreement on what needs to be delivered.

Amy Deora: Setting clear expectations from the beginning is key, especially in large, complex, and fixed-price projects. Even in the business development stage, clear roles and responsibilities should be determined. Be honest with your potential teaming partner about any potential staffing “holes” or any areas in which you do not have strong qualifications so that you can all better prepare to serve each other and your client.


Stu Funk leads the energy and climate change practice at LMI, a not-for-profit consulting firm dedicated to advancing the management of government. He has 38 years of experience in energy and logistics planning and execution, climate change planning and management, strategic planning, facility planning and recapitalization, weapon-system acquisition, and resource analysis

Amy Deora is senior manager in the applied statistics and economics practice group at Summit, a data analytics advisory firm that guides federal agencies, financial institutions, and litigators as they decode analytical challenges. More about her background and experience can be found at the Summit website.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, Kathy Stershic of member company Dialogic Research and Communications shares how public sector CIOS can and should prepare to take advantage of the Internet of Things while creating a secure, trusted foundation for the long term.


Gartner defines IoT as “the network of objects that contain embedded technology to communicate and sense or interact with their internal states or external environment.” At present, that generally means a machine-to-machine connection, although an expanded ‘Internet of Everything’ may well evolve to include people-to-machine and process-to-machine connections in an ever-growing ecosystem.While select commercial applications are beginning to appear, at this very early stage IoT is one area in which Public Sector IT has a unique opportunity to lead—creating large scale deployments driven by constituent demand, growing security threats, and the economic imperative to “do new with less.” For example, smart street lighting solutions can reduce crime while saving money; combined water management, smart grid and waste management can yield greater ROI on energy investment; connected warfighters can bring dominance to the battlefield, faster.

While the opportunities are many, so are the risks. IoT presents exponentially increased threats in a dynamic landscape. There is no more network perimeter. Embedded, non-standardized sensor hardware creates an increased number of connected threat points, many of which will result from the ‘smartification’ of traditionally dumb devices never intended for software or IP and built by manufacturers not accustomed to thinking about digital security.

There is a pending vast amount of data to be generated by new sources—how must it be secured as it moves and permutates? The public internet is highly vulnerable, but even isolated networks are not impermeable— think back just a short time to Stuxnet.

Human error is a leading security concern, whether due to inadequate data security policies, non-adherence to existing policies, intentional malicious acts, or even the increasing shift to BYOD.

IoT success hinges on trust, making privacy another major issue. What data is captured and stored? How? Who owns it? How may it be used? How should and will it be protected through its use cycle, and by whom?

While these challenges apply generally to IoT deployments, the Public Sector faces some truly unique and consequential situations. Consider the implications of generating data that precisely reveals the location of dismounted soldiers in combat, the specific timing and location of municipal buses en route, safe campus video monitoring, or public health threat information, to name just a few.

Given the enormous changes that IoT will eventually bring, Federal regulation and policy are inevitable but will remain unclear for some time, politics being what they are. State and municipal-level policies vary greatly. Policy needs to be appropriately aligned to possibility for each environment, but some formidable issues must be addressed first:

-          Data Collection. Many public sector mission and business leaders want to collect data from untrusted sources that can facilitate better, faster decision-making, such as improving threat, health or environmental analysis. But many current cybersecurity policies conflict with data collection, limiting what can be captured. The pressure is on IT to open up, yet security can’t be compromised.

-          Cybersecurity. To date, the market has been served with a complexity of disparate point solutions, mostly focused on prevention. Defense will always be the priority goal, but with malwares proliferating at two per second (and accelerating), a 100% prevention strategy is simply not possible. Malicious actors need to be right only 1% of the time or less to permeate the firewall. Therefore, it’s not only prudent but necessary to prepare for the full aBack conCnuum―before, during and aEer. An appropriate solution requires layers of security that span prevention, halting an attack in progress, and accelerating remediation after it occurs.

-          Bandwidth will always be limited, but data volume is only growing, with much of it useless—driving the need for edge-based data analytics to ensure the flow of just the most relevant data to those who will make use of it. Policy must guide what is considered most important and relevant, and who needs to receive what level of information.

-          Cloud. Not surprisingly, as adoption of cloud-based services increases, incidents of cyber-attacks on cloud environments are now nearly on par with attacks of on-premise equipment. IoT connectivity will force a growing intersection of domains in the cloud environment: sensors and networks, IaaS and SaaS, Big Data analytics—yielding an increasingly expanded and vulnerable enterprise environment. Persistent security enforcement and information management policies are needed, where responsibility is shared between the service provider and the customer, to protect the data and the devices and people connected to it.

What then must CIOs consider when preparing for Trusted IoT deployment?

Given these challenging issues, Public Sector CIOs should lay some important groundwork when embarking on their IoT journey:

-          Carefully plan the number and scope of initial IoT deployments that an organization can afford to undertake, including the investment in the needed people and skills, applications, analytics technologies and risk mitigation required to capitalize on the opportunity value: IaaS/SaaS, cybersecurity and Big Data. In an era of ridiculously tight budgets, existing infrastructure must obviously be leveraged as much as possible.

-          Establish and maintain trust throughout the data lifecycle. Consider solutions like Suite B encryption (devised by the NSA), which secures data out to the tactical edge. Reliable firewalls between cloud and fog network nodes are also needed. Beyond the technology, only capture data that is truly needed for the business or mission purpose, then be transparent with citizens and stakeholders. Let them know what is collected, why, how it’s used, and how it’s managed and protected. Provide easy opt-outs when possible.

-          Prepare for the full attack continuum. Design a robust security platform rather than approaching security from a point-topoint perspective. A combined hardware and software platform managing the connection, the applications, the devices and the data will enable CIOs to more readily enforce security policies and provide for security persistency. Correctly applied analytics can identify an attack in progress and help to remediate damage more quickly, but this approach will require intelligent information stewardship along with tight security.

-          Educate the workforce. Push security messages frequently. Set reasonable access and geo-fencing policies that balance the desire for expanded data collection with the need for security, then enforce them as much as possible. Revisit them annually to assess and accommodate changing stakeholder requirements.

-          Explore innovation partnerships with the private sector to create technical and policy solutions to IoT challenges. Feasible solutions can later be adopted cross-domain to maximize the potential benefits.

The Internet of Things has the potential for sweeping disruption, perhaps on par with only a few milestones in recent history such as World War One and the Industrial Revolution. While IoT may forever change the way public sector leaders protect and serve, trust is paramount to IoT success. Constituent participation will be weighed as a trade-off for utility received, such as a better citizen experience or increased public safety. Thoughtful, holistic planning should include not just the technological, but the fiduciary, legal and ethical aspects that will engender trust and drive to the greatest public good.


Kathy Stershic is Principal Consultant of Dialog Research & Communications, a consulting firm serving IT Executives through thought leadership messaging and informed, strategic communications planning. kstershic@dialogrc.com; blogging@dialogrc.com; @kstershic

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, John Beveridge of Rapidan Inbound shares insights both on closing deals as well as developing a business that you want to close from the Nov. 20 Small Business and Entrepreneur and Business Development, Marketing & Sales joint committee event.


One of the most difficult things for tech companies, or any company, for that matter, is creating revenue from your technology. Unfortunately, it’s not a matter of build it and they will come.On Thursday, November 20, the Small Business and Entrepreneur and the Business Development, Marketing & Sales Committees hosted a joint event titled, “The Art of the Deal – How Successful High-Growth Companies Close Deals.”

Hosted by Samantha Smith of Etail Eye, the event featured 3 executives from high-growth companies who shared their experiences on how to best generate revenue. Panelists included:

Marty Kaufman, VP of Operations, WeddingWire

Chris Marentis, CEO, Surefire Social

Carolyn Parent, Chief Experience Officer, Gravy

The panelists shared insights both on closing deals as well as doing the things you need to develop business that you want to close. Here are some of the tips the panelists shared.

  • A good way to start developing business is to develop your personal brand as well as your company brand. Creating good content is a great way to develop your personal brand and anyone can do it. Chris Marentis started Surefire Social with an eBook.
  • Economic down times create opportunities for new businesses. Carolyn Parent recommended that new businesses take what they can get and show results quickly. You may want to land that Fortune 500 account, but if a good SMB opportunity arises, take advantage of it. To close business, find some way to show them value quickly, even if it’s just a needs analysis.
  • New businesses can take advantage of sales technology to qualify new business opportunities. Marty Kaufman shared how WeddingWire’s data scientists use predictive analytics to help them target their business development resources to maximize revenue. Don’t overlook the affordable SaaS sales technology resources available to you.
  • Depending on which market you serve, your sales strategies will vary. B2C companies should look to create viral buzz around their products and services while B2B companies should position themselves as valued business partners to their customers. The B2G market moves at a glacial pace and sellers need to be early to the party.

These were just a few of the insights the panelists shared at the event. Want to learn more about business development, sales and marketing? Come to the next committee meeting on December 16.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, David K. Shepherd of LMI shares six strategies for reducing loss from data breaches. Check out previous blogs from LMI on a business-driven approach to IT decision-making and three business-friendly strategies to increase the value of enterprise architecture.


David Shepherd

David Shepherd, senior consultant and member of the Systems Development Group at LMI.

It’s no secret that data breaches are on the rise. These security rifts cost U.S. organizations an average of $195 per protected personal data record lost or stolen, with total costs averaging more than $5.8 million per organization breached. What may be surprising is that well-intentioned employees could be putting your data at risk..

How? To meet deadlines and collaboration requirements, employees skirt security rules protecting confidential documents by using personal email addresses and free file sharing services. Focused on completing tasks, they are unaware of the risks.

MeriTalk research shows that nearly 50 percent of federal agency security breaches are caused by security noncompliance. Forrester data reveals that the top reason for breaches (36 percent of companies surveyed) is inadvertent use of data without clear knowledge of polices. The problem is exacerbated by the proliferation of mobile devices that connect to cellular and Wi-Fi networks and upload data to the cloud.

Why do users bypass security? They take these risks to complete tasks within tight deadlines. They recognize this isn’t the “right” way to share documents, but feel they have no other options. Common complaints:

“Due to mail server size limitations, I cannot send a large file to my client.”

“Neither my client nor my company has a file-sharing tool.”

Balancing data protection and productivity

Increasing the number of security rules will not decrease employee data losses. The following six recommendations can help organizations balance the need for data protection, policy clarity, and productivity.

1) Understand employee needs when setting security policies

Engage users so you understand their day-to-day work and why they bypass security. Anonymous surveys and best practice initiatives are helpful tools. Consider granting amnesty to ensure you fully understand the problem. If your employees are using Dropbox, Box, or Google Docs, they are saying they need better storage and collaboration tools.

2) Conduct consistent, regular staff training at all levels

PricewaterhouseCoopers research reveals that most businesses invest only up to $400 per employee per year on cybersecurity training. The big exception is financial institutions, which typically spend $2,500 per employee each year. Employee training must be ongoing and pervasive—not an annual ritual. It must also include executives who are more likely to have data on multiple devices.

3) Provide a secure, flexible, and easy-to-use file-sharing tool

Employees started using cloud storage because providers offered free services with easy-to-use interfaces. These companies also offer enterprise versions, which include customizable interfaces, meet government security standards, and may even be branded with your organizational identity. Nearly all providers offer trials.

4) Deal with mobility

Organizations need to update mobile device policies to address both organization- and employee-owned devices. Solutions need to protect organization data while meeting security and employee usability needs.

5) Invest in effective prevention

Be proactive. Prior to a damaging event, security budgets are slim. After a breach, organizations can’t spend money fast enough. An event’s root cause is often due to problems with an organization’s processes. Hastily spending money on new tools won’t necessarily fix the root cause.

6) Consider suggesting tools, even if you can’t endorse their use

If an organization can’t provide a file-sharing tool, consider suggesting employees use a particular service. Wouldn’t it be better to monitor a single service closely, rather than attempting to monitor them all? If a bad breach occurs, the organization could immediately inform users and take corrective actions.

Our pristine networks are vulnerable to dedicated employees who are trying to do great work and meet impossible deadlines. If we don’t provide secure, capable tools, they will find another way. We can continue to fight against them, or we can investigate their needs, accept the challenges, and work to meet those needs while still ensuring security.


David K. Shepherd is a senior consultant in LMI’s Systems Development Group and has 25 years of experience as an information technology (IT) service management and security professional. He has designed, developed, managed, and maintained enterprise quality websites and applications for federal clients. He also advises clients on IT infrastructure issues, effective use of tools and techniques, and security engineering. He can be reached at dshepherd@lmi.org.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS