The companies that landed awards under Interior’s Foundation Cloud Hosting Services II contract are Accenture Federal Services, IBM, CGI Federal, SAIC, Cognosante, Zivaro and Smartronix. Those seven vendors will compete for task orders under the greater indefinite-delivery, indefinite-quantity contract. 

The announcements of the seven awards detail Interior’s statement of work for the contract, requiring cloud license and support services for infrastructure, platform and software in a cloud environment. 

This contract comes as the initial iteration of the Foundation Cloud Hosting Services vehicle is set to expire later this year. Awarded in 2013 to 10 contractors, the initial contract has a $10 billion ceiling.

In the department’s initial statement of work, it wrote about the latest contract: “This follow-on FCHS contract is shifting to multiple service provider focus and integration among our solutions and a hybrid model hosting environment vision. Providing interoperability and data integrations between multiple technologies and services across the Department bureaus and offices.”

It also complements Interior’s $1 billion cloud contract award to Peraton last year for its Cloud Hosting Solutions III acquisition, which enlists the IT contractor to manage the department’s portfolio of cloud services.

The post Interior awards $2 billion cloud hosting contract to 7 vendors appeared first on FedScoop.

The agency said Friday in a request for information that it is conducting market research to identify a service provider to modernize and “continuously improve” the existing cloud environment provided by Amazon Web Services. 

The department said in the RFI that FSA “must evolve cloud capabilities” for general purpose business use, to meet federal requirements laid out in a 2021 executive order on improving national cybersecurity and to “keep pace with today’s dynamic and increasingly sophisticated cyber threat environment.”

The request states that within the first year of awarding a contract, all on-premise applications and infrastructure that remains will move to the cloud. In the second and third year of the contract, “the entire cloud environment must be optimized and modernized as a dedicated workstream” through cloud native design principles in order to take advantage of the commercial cloud’s full benefits. 

“The preponderance of FSA’s applications will migrate into FSA [Next Generation Cloud], managed by the FSA chief information officer,” the request states.

This effort is unrelated to the recent updates to the Free Application for Federal Student Aid, which was recently overhauled to leverage cloud technologies for the transmission and delivery of FAFSA data, an agency spokesperson said in an email to FedScoop.

The post Department of Education begins market research for cloud capabilities appeared first on FedScoop.

The company on Monday announced that three of its classified, air-gapped cloud regions received accreditation from the Department of Defense to handle workloads at the secret level — what the department refers to as Impact Level 6 (IL-6).

The achievement comes after Oracle last August also earned a Top Secret/Sensitive Compartmented Information accreditation from the intelligence community. With both that and the latest secret-level cloud authorization, Oracle is approved to handle government information at any classification level in the cloud.

“America’s warfighters must have the world’s preeminent technology and our taxpayers insist that technology is delivered at competitive costs. Oracle is bringing both to the Department of Defense’s Secret networks,” Rand Waldron, vice president of Oracle, said in a statement. “Technology no longer sits outside the mission; technology is a part of the mission. In austere locations with limited communication, and in massive secure data centers, Oracle is bringing our best capabilities to serve the men and women that defend the U.S. and our Allies.”

While the news comes most to the benefit of the DOD, which is expanding its use of cloud in the classified space and at the edge through its Joint Warfighting Cloud Capability, it ultimately puts Oracle on a level playing field with its top competitors in the federal cloud space — Amazon, Google and Microsoft, which have all earned secret and top secret accreditations ahead of Oracle. Google announced its accreditation at the secret and top-secret levels just two weeks earlier.

Notably, it is those companies that Oracle is vying against for DOD task orders under its $9 billion JWCC cloud contract. Those companies also hold spots, with IBM, on the intelligence community’s multibillion-dollar Commercial Cloud Enterprise (C2E) contract, which requires work at the secret and top-secret levels as well.

The post Oracle approved to handle government secret-level data appeared first on FedScoop.

“In the last year, we have updated our strategic plan to focus on making sure that everyone understands our alignment with the mission itself. It’s not just about compliance. It’s not just about following the law. Yes, it is about following the law. But it’s not just about that,” USAID CIO Jason Gray said during a panel Tuesday at Google Cloud’s annual tech conference Next. “It’s about making sure that we’re supporting the missions and enabling and empowering them.”

USAID’s IT strategic plan, which runs from 2024 through 2028, is built around five pillars: “creating a culture of data- and insights-based decision making; delivering agile, secure, and resilient IT platforms; building worldwide skills and capacity; establishing pragmatic governance; and driving high operational performance.”

Gray said USAID’s journey to adopt cloud has been “critical” in better connecting tech to mission in recent years, namely by making it easier to connect and collaborate in austere environments around the world where USAID is called to deliver aid.

“Some of the areas and countries that we operate in, even getting power, reliable power is a massive challenge,” he said, adding that there are also “bandwidth concerns or severe latency.”

When Gray joined USAID as CIO in 2022, the agency was already well on its way to adopting cloud and had an existing partnership with Google Cloud — one that he credits as key in fostering communication and collaboration across international lines while taking care of the basic security requirements.

“Being able to collaborate across the world in real-time through the document management [tool], the security … is absolutely critical, as well,” Gray said. “And knowing that you are encrypting data in use, in transit, at rest” has been critical “because we’re complying, yes, we’re securing things but also enabling our end users to communicate with the implementing partners in the areas that we operate in.”

USAID was recognized in February by Rep. Gerry Connolly, D-Va., ranking member on the House Oversight Subcommittee on Cybersecurity, Information Technology, and Government Innovation, as the only federal agency to receive an A grade on the latest FITARA scorecard.

The post With updated IT strategic plan, USAID tech is a driver of mission, not compliance, CIO says appeared first on FedScoop.

With the authorizations, agencies across the Department of Defense and the intelligence community can use Google Distributed Cloud Hosted — an air-gapped private cloud service tailored to workloads that demand maximized security requirements — to support some of their most sensitive data and applications. 

Google also announced that it received authorization to host data and applications at the secret level for intelligence community missions. 

“This authorization underscores Google Public Sector’s commitment to empowering government agencies with secure, cutting-edge technology,” Leigh Palmer, vice president of delivery and operations for Google Public Sector, wrote in a blog post previewed by FedScoop before the announcement. She referenced “personnel records, information around pending cyber threats, geospatial data used for maps, language translation in support of humanitarian efforts, and more” as examples of the types of data the cloud environment can now support.

Not to be confused with Google public cloud offerings, Google Distributed Cloud Hosted was developed to be isolated and doesn’t require connection to the internet or Google Cloud.

In addition to boosted security, the company touts Google Distributed Cloud Hosted’s integrated cloud services, notably Vertex AI, a platform that supports the development of generative AI applications with more than 130 pre-trained AI models and offers access to Gemini, Google’s own multimodal large-language model. 

Lastly, Palmer in the blog points to the openness at the foundation of the platform as a differentiator. “GDC Hosted is designed around Google Cloud’s open cloud strategy and uses leading open source components in its platform and managed services. This openness includes support for managed open source services operated by our partners that are tightly integrated into the platform, providing a seamless user experience across management, billing, and support,” she wrote. 

The announcement comes after Google in December 2022 achieved an IL-5 accreditation to work with DOD’s highly sensitive, mission-critical and national security data workloads. 

Some of Google’s top competitors — Amazon, Microsoft and Oracle — also reached top-secret accreditation in recent years. Notably, the four companies also hold spots on the premier cloud contracts in the DOD and IC, the Joint Warfighting Cloud Capability and Commercial Cloud Enterprise vehicles, respectively. 

The post Google gets authorization to work with top-secret intelligence, defense data appeared first on FedScoop.

Following a massive data breach in 2015, OPM instituted a comprehensive overhaul of its IT and security practices. However, in the years since, it became increasingly clear that without modernizing its underlying IT infrastructure, many of the remedies OPM put in place were becoming outmoded in the face of ever more sophisticated cyberattacks.

That was especially apparent to Guy Cavallo, who arrived at OPM in the fall of 2020 as principal deputy CIO after leading sweeping IT modernization initiatives at the Small Business Administration (SBA) and before that at the Transportation Security Administration (TSA). He was named OPM’s CIO in July 2021.

Recognizing new cyber challenges

“We looked at the on-premises cyber tools that OPM was running since the breach and saw while they were effective, with today’s advancements in AI and cyber capabilities, they weren’t keeping up with the attack vectors we’re facing today,” said Cavallo in a recent interview. Threat actors had shifted to identity-based attacks using more sophisticated tactics, requiring advanced detection and response solutions.

“We knew with AI coming and the Executive Order on Cybersecurity requiring logging to get visibility into your environment, investing in on-premises hardware would be a never-ending battle of running out of storage space,” he concluded.

The cloud was “the ideal elastic storage case for that,” he continued. But it also offered other critical solutions. The cloud was the ideal way to host applications to ensure “that we’re always up to date on patching and versions, leaving that to the cloud vendors to take care of — something that the federal government struggles with,” he said.

Checklist for a better solution

Cavallo wanted to avoid the mistake he had seen other organizations make, trying to weave all kinds of tools into an enterprise security blanket. “It’s incredibly difficult to integrate them and not have them attack each other — or also not have gaps between them,” he said. “I’m a believer that simpler is much better than tying together best-of-breed from multiple vendors.”

That drove Cavallo and OPM Chief Information Security Officer James Saunders to pursue a fundamental shift to a cloud-native cybersecurity platform and “making that the heart of our security apparatus,” said Saunders.  

After reviewing the options, they elected to move to Microsoft’s Azure cloud-based cybersecurity stack “so that we can take advantage of the edge of cloud, and cloud in general, to collect data logs.” Additionally, it would mean “We didn’t have to worry about software patching and ‘Do I have enough disk space?’ It also allows us to springboard into more advanced capabilities such as artificial intelligence,” Saunders said.

Because OPM exchanges data with many federal agencies that rely on different data systems, Cavallo and Saunders also implemented a cloud access security broker (CASB) — a security policy enforcement engine that monitors and manages security activity across multiple domains from a single location. It also “enables our security analysts to be more efficient and identify threats in a more holistic manner,” Saunders explained.

Added benefits

“There is a general misconception that you can only use cloud tools from the host vendor to monitor and protect that environment.  We found that leveraging cyber defenses that span multiple clouds is a better solution for us instead of having multiple different tools performing the same function,” Cavallo added.

Microsoft’s extensive threat intelligence ecosystem and the ability to reduce the number of contracts OPM has to maintain were also critical factors in their decision to move to Azure, Saunders added.

The pay-off

The migration from on-premises infrastructure to the cloud was a complex process involving the retirement of more than 50 servers and the decommissioning of multiple storage areas and SQL databases, according to Saunders. The most challenging aspect, though, was not the technology but managing the transition with the workforce. Extensive training and organizational change management were as critical as the technical migration to the success of the transition.

According to Saunders, the benefits didn’t take long to recognize:

• Enhanced visibility: OPM now has a more comprehensive view of its security posture, thanks to the centralized platform and increased log collection.
• Improved threat detection and response: AI-powered tools and Microsoft’s threat intelligence helps OPM identify and respond to threats faster and more effectively.
• Reduced costs and complexity: Cloud-native solutions eliminate the need for buying expensive on-premises hardware and software, while also simplifying management and maintenance.
• Increased scalability and agility: The cloud platform allows OPM to easily scale its security infrastructure as needed to meet evolving threats and business requirements.

Collectively, those and related cloud benefits are also helping OPM make faster headway in meeting the administration’s zero-trust security goals.

Lessons learned

Perhaps one of the most important benefits is being able to demonstrate the magnitude and nature of today’s threat landscape to the agency’s leadership and how OPM is much better prepared to defend against it, according to Cavallo.

“When James and I showed them the visibility that we have from all those logs, it was a drop-the-mic moment for them. We can say we blocked 4,000 attacks in the last hour, but until you actually show them a world map and our adversaries trying to get into OPM, then be able to click and show the real details of it — those threats get lost in the noise,” he said.

“My recommendation at the CIO level is, this is a better mousetrap. But you can’t just expect people to flock to it. You have to go show them why it’s a better mousetrap.”

Among the other lessons Cavallo recommends to fellow IT leaders:

• Focus on simplicity: Choose a single, integrated security platform to avoid the complexity of managing multiple tools.
• Invest in training: Ensure your staff is trained and familiar with new cloud-native security tools and processes.
• Start small and scale gradually: Begin with a pilot project and gradually migrate your security infrastructure to the cloud.
• Communicate effectively: Clearly explain the benefits of cloud-native security to your stakeholders and address any concerns.

This report was produced by Scoop News Group for FedScoop as part of a series on technology innovation in government, underwritten by Microsoft Federal.

The post How cloud modernization transformed OPM cybersecurity operations appeared first on FedScoop.

A record 2,897 satellites were launched into orbit around the Earth by more than 50 countries last year, according to Jonathan McDowell, an astronomer and astrophysicist known for documenting space activity. An even greater number are expected to be launched in 2024.

All of that contributes to a supernova of new space-based communications and Earth-observation sensor capabilities, says Stephen Kitay, a former Pentagon deputy assistant secretary for space policy, now senior director of Azure Space at Microsoft.

“A huge transformation is happening in space — and the technology that was never there before — effectively extending the internet and edge computing into space,” Kitay said in the report, produced by Scoop News Group and underwritten by Microsoft.

What’s been missing until recently, he says, is a reliable and secure way to manage and transmit the explosive growth of satellite data being collected in space and the means to automate and manage satellite activities more efficiently.

That’s changing as a new era of secure, scalable cloud computing centers strategically located around the globe is developing to stay connected to all those satellites — along with a new generation of software platforms to manage the devices, applications, and data on board all of them, according to the report.

How federal agencies stand to benefit

The report highlights the rise of hybrid space architecture, which Microsoft helped pioneer under the Azure Space banner launched in 2020. The concept involves “bringing cloud and space technologies together to foster a partner ecosystem,” explained Kitay. That effort has spawned a variety of components, including:

• Azure Orbital Ground Station – designed to give satellite operators, including government customers, the ability to deliver space data with near-zero latency to Microsoft’s global network of Microsoft and partner ground stations.
• Azure Orbital Cloud Access – enables a seamless cloud experience anywhere on the planet by combining Microsoft Cloud with low latency satellite and 5G communications.
• Microsoft Planetary Computer – a multi-petabyte catalog of global open geospatial data with intuitive APIs aimed at helping researchers, scientists, students, and organizations worldwide gain valuable insights from Earth observation data.

At the same time, Microsoft is “bringing our code and our software into space by empowering developers to build applications on the ground in the cloud and then seamlessly deploy them on board spacecraft,” Kitay said.

The report also highlights examples of how federal agencies, such as the U.S. Forest Service, the Environmental Protection Agency, the Department of Agriculture and the Defense Department, among others, stand to gain powerful new insights from Earth observation data to better support their missions.

“Removing the barriers to seamless and secure connectivity from ground to orbit creates entirely new opportunities for federal government customers, including those operating in classified environments,” said Zach Kramer, vice president of the Mission Engineering unit at Microsoft.

“Defense and civilian agencies can leverage this ubiquitous connectivity to develop and deploy new applications, gather and transmit data at the speed of relevance, and gain an information advantage to serve the American people.”

Download the full report.

This article was produced by Scoop News Group, for FedScoop and underwritten by Microsoft.

The post How Azure Orbital and the cloud are expanding our worldview appeared first on FedScoop.

During the FTC Tech Summit, Khan said that the FTC will focus on assessing if agreements between major cloud providers — such as  Amazon, Microsoft and others — are influencing the “competition across layers of the AI stack.” 

Khan said that the FTC will prioritize key principles of “how business models drive incentives” and “crafting remedies that address the underlying business incentives and establish bright line rules on the development use and management of AI inputs.” 

The commission, through its 6(b) authority — part of the FTC Act that empowers the agency to question a business’s “organization, business, conduct, practices, management and relation to other corporations, partnerships and individuals” — will conduct this inquiry into different providers and developers. 

Khan said during the event that the remedies the FTC will focus on include deleting AI models themselves along with unlawfully collected data. 

“The FTC’s work has made clear that these business incentives cannot justify violations of the law,” Khan said. “The drive to refine your algorithm cannot come at the expense of people’s privacy or security, and privileged access to customers’ data cannot be used to undermine competition. We similarly recognize the ways that consumer protection and competition enforcement are deeply connected with privacy violations fueling market power, and market power, in turn, enabling firms to violate consumer protection laws.”

Khan pointed to the commission’s recent order against Rite Aide that placed a five-year ban on the use of facial recognition tools after the AI-based technology incorrectly identified customers as those  who had previously shoplifted or individuals who had been identified previously as a “troublemaker.”

“Much is uncertain about what the precise future of this technology will look like, but the good news is we have the experience and expertise to meet the moment,” Khan said. “By continuing to sharpen our thinking and faithfully enforce the law, we can unleash AI’s potential benefits while safeguarding Americans from the potential harms.”

The post Federal Trade Commission announces market inquiry between AI developers and cloud service providers appeared first on FedScoop.

Hashmi’s last day will be Dec. 29, the GSA said in a statement. Upon his exit, FAS Deputy Commissioner Tom Howder, who has been with GSA for 36 years, will serve as acting commissioner, the statement said. The agency didn’t disclose where Hashmi was headed, but GSA Administrator Robin Carnahan said the agency wishes “him all the best in the future.”

“Sonny’s thoughtful and intentional leadership has helped GSA make history,” Carnahan said in a statement included in GSA’s release. “This past year alone, FAS helped federal agencies buy more than $100 billion in mission-enabling products and services, an increase of 36 percent over the last three years. Importantly, more than one-third of that went to small businesses, and nearly half of GSA’s own investment dollars were awarded to small businesses.”

Hashmi has been the top official at the GSA acquisition arm since January 2021. He has overseen the delivery of roughly $90 billion in acquisition and procurement across federal agencies, according to his GSA biography page. That biography also described Hashmi as “a cloud computing thought leader in the emerging technology industry.”

Prior to taking on his most recent role at GSA, Hashmi was managing director of global government at Box, where he focused on cloud for the public sector, according to his LinkedIn profile. Before that, he served as chief information officer and chief technology officer at GSA between 2011 and 2015. There, he led the agency’s IT modernization strategy as it moved to cloud computing.

In a statement included in the release, Hashmi called his time at FAS “a true honor.”

“I’m confident that FAS is better prepared than ever to meet the needs of both its federal partners, who require innovative products and services, as well as the Americans who depend on their government to deliver,” Hashmi said.

The post Top GSA Federal Acquisition Service official, Sonny Hashmi, to depart appeared first on FedScoop.

Mendes will take on a new role as CIO for Tarrant County, Texas, starting in January, according to the post. His move comes after roughly four years as Commerce’s CIO and previous leadership roles at the International Trade Administration and the U.S. Agency for Global Media.

“Well friends. I am retiring from the Fed!” Mendes wrote in his post. “Over 14+ years, far exceeding expectations and bets when I joined, I have had a ball.”

Before taking on the top information technology role for Commerce in August 2019, Mendes was CIO for the agency’s International Trade Administration for nearly two years. There, Mendes said, he became “the first Portuguese to head a US Agency, [and the] highest ever ranked career Latino at Commerce.” He attributed the agency’s success to the “extraordinary cadre of individuals” with whom he worked.

Mendes also spent more than eight years in various leadership roles at the U.S. Agency for Global Media, formerly the U.S. Broadcasting Board of Governors (BBG), before joining Commerce. Those roles included CIO, chief technology officer, chief operations officer, and acting chief executive officer and chief financial officer, according to his LinkedIn.

“At the BBG, we transformed a once great organization that had become ossified. By the time we left, the BBG had the widest distribution portfolio of any western media, Shortwave to Twitter. Audience rose from 165M to 278M in 6 years. We were 90% cloud based by 2014,” Mendes wrote. 

Mendes’s last day is Dec. 31, according to his post. His new role in Tarrant County — where he said he’s commuted from weekly for the past two-and-a-half years — begins Jan. 2.

The Department of Commerce didn’t immediately respond to a request for comment.

Mendes has won several FedScoop 50 awards and was a recipient of the Golden Gov: Federal Executive of the Year award in 2023.

The post Commerce CIO Mendes announces retirement from federal government appeared first on FedScoop.