BlueHalo continues its fast acquisition streak

The merger and acquisition fires are burning hot over at BlueHalo, the private equity backed firm that is targeting the national security market.

Formed through a roll up of several companies in late 2020, BlueHalo has completed its fifth transaction of the past year and its second in just the month of November.

BlueHalo's latest acquisition is of Asymmetrik Ltd., a software developer focused on the intelligence community. That follows the purchase of Citadel Defense in early November. Citadel develops counter unmanned aircraft solutions.

The run of transactions started in December 2020, when BlueHalo acquired two companies -- Base2 LLC and Fortego LLC -- to add cyber and signal intelligence capabilities.

BlueHalo then acquired Design and Development Engineering Services, a maker of electronic systems for military and national security space platforms.

In a March Project 38 podcast, CEO Jonathan Moneymaker described the strategy and how BlueHalo focuses transformation of modern warfare.

With the Asymmetrik deal, BlueHalo is growing its presence among intelligence agencies based in Northern Virginia and Fort Meade, Maryland. The company develops solutions around open source intelligence, artificial intelligence, cryptocurrency, blockchain analytics and other areas.

Asymmetrik brings 120 employees to BlueHalo.

Sheppard, Mullin, Richter and Hampton served as legal counsel to BlueHalo. Chertoff Capital served as financial adviser to Asymmetrik and Holland and Knight served as legal counsel.

Posted on Nov 23, 2021 at 12:28 PM0 comments


PAE loses last shot at FBI name database

PAE’s run at a nearly $50 million FBI contract that has been mired in protests for most of the year may have finally reached a conclusion after the company's second protest was rejected.

The Government Accountability Office's latest decision is the opposite outcome PAE received in May when its protest was successful.

PAE and Xcelerate were competing to provide administrative and analysis support for the FBI’s National Name Check Program system, which is used to whether a name appears anywhere in FBI records. The system often used for background checks, security clearances and criminal investigations.

Xcelerate won the competition last spring with a bid of $47.1 million, compared to PAE’s of $46 million. But Xcelerate had higher scores for its workforce plan and key personnel, so that swung the FBI's decision.

But when PAE protested, GAO ruled in favor of the company and found fault with how the FBI evaluated factors such as staff size and key personnel. The GAO told the FBI to re-evaluate proposals and make a new award decision. The FBI also had the option of clarifying its requirements and allowing bidders to revise their bids.

After the FBI reworked the evaluation, it again awarded the contract to Xcelerate and again PAE protested.

But this time, GAO sided with the FBI and denied PAE's protest last week. Details of the second decision haven’t been publicly released yet.

Posted on Nov 22, 2021 at 9:24 AM0 comments


Special Operations Command previews $150M financial management support contract

The U.S. Special Operations Command has released a draft solicitation for a $150 million contract to acquire professional services in support of Socom's financial management operations.

Comments on the draft are due by Nov. 29 and a virtual industry day is planned for Dec. 2. You must register by Nov. 29 as well. The industry day will be conducted over Zoom and companies are limited to two attendees each.

The five-year contract is being set-aside for service-disabled, veteran-owned small businesses and will be a single-award competition..

Socom is seeking support in budget formulation and execution, accounting support, defense financial management and travel support, and policy formulation

Self-scoring criteria will be used to determine a first cut of bidders, who will have to submit up to five work samples as evidence of their self-scoring.

According to Deltek, the incumbent contractor is St. Michaels Inc. That company is headquartered Woodbridge, Virginia and has offices in Tampa, where the Special Operations Command is headquartered. St. Michael’s also is a service disabled-veteran-owned small business

Posted on Nov 22, 2021 at 12:15 PM0 comments


Cybersecurity advocate Alan Paller dead at 76

Alan Paller, one of the earliest advocates for a strong cybersecurity posture, died on Nov. 9. He was 76 years old.

Paller was the founder of the SANS Institute, which focused on training and education of IT professionals. Established in 1989, the organization trains more than 40,000 people a year.

This New York Times obituary describes him as a “gentle but relentless champion for cybersecurity education.”

More than nearly anyone else, he saw education as a first line of cyber defense. He also argued that a weak cyber posture was a threat to both the nation’s competitiveness and its national security.

Paller’s leadership across government and the private sector was recognized multiple times. He won an FCW Federal 100 award in 2009 and had previously served as a judge for the program.

The New York Times article quotes several high-ranking government officials commenting on how effectively he advocated for the cybersecurity workforce.

A second obituary on Legacy.com also offers comments from others who spoke of his loyalty and friendship as well as his love of family.

In addition to the SANS Institute, Paller also founded the National Cyber Scholarship Foundation to identify cybersecurity talent in high schools and colleges. He also was the president emeritus of the SANS Technology Institute, an accredited cybersecurity college and graduate school.

Paller is survived by his wife, Marsha Mann Paller; two daughters, Brooke Paller and Channing Paller; sister Joan Bines; and two grandsons.

Funeral services were held privately.

Posted on Nov 18, 2021 at 1:27 PM0 comments


EPA releases draft of $250M small biz IT contract

The Environmental Protection Agency has released the draft solicitation for a $250 million contract to acquire a variety of information management services from small businesses.

Deltek estimates the Information Management Center Services V contract will be worth $250 million. The incumbent contract is held by Arctic Slope Mission Services, which won the work in 2017 and is slated to continue through February 2022.

Only small businesses with the 8(a) designation can compete for the single-award contract.

The EPA uses the contract to meet requirements in four areas: docket center, libraries, records and digitization. The contract will be used by EPA headquarters and all 10 of the agency's regions across the country, according to a new posting at Sam.gov.

Specific services include:

  • Program management
  • Management and administration
  • Web development and maintenance
  • Presentations and training
  • Customer service
  • Information technology systems
  • Collection management and modernization
  • Records management
  • Docket workflow
  • Library services for the Office of General Counsel Law Library
  • Library services for the Fort Meade Library
  • Digitization services

The EPA expects to release the final RFP by Dec. 16., when the agency will reveal the due date for proposals as well.

Posted on Nov 18, 2021 at 8:00 AM0 comments


Are better debriefings driving down protests?

Prevailing wisdom says every contract gets hit with a protest. That is often true for the headline grabbing multibillion-dollar vehicles.

But the truth is most contracts aren’t worth billions and most contracts don’t get protested.

In fact, the government's 2021 fiscal year marked the fifth in a row that the number of protests filed with the Government Accountability Office fell, according to its annual bid protest report to Congress. The one caveat is fiscal 2018, when there was an increase of below 1 percent.

Fiscal 2021 saw 1,897 cases filed at GAO, down 12 percent compared to fiscal 2020 that saw 2,149 cases.

It is important to note how GAO counts cases. Each case does not represent an individual contract or task order award. A single contract can have multiple cases associated with it. For example, Company A files a protest and then makes supplemental filings. GAO counts each filing as a separate case, even though all the cases involve the same procurement.

The five-year decline (from 2017 to 2021) followed a rise in the number of cases from fiscal 2012 to 2016. That excludes fiscal 2013, which was down 2 percent from fiscal 2012.

GAO doesn’t speculate on what's behind the decline. But it is worth noting that starting in 2018, the Defense Department started conducting what are called “enhanced” debriefings that allow for more dialogue with companies after they’ve lost a contract. That means unsuccessful bidders get more information on where their bid fell short.

Our own research in 2018 concluded that many companies filed protests simply to learn why they lost.

The House Armed Services Committee's report on the 2022 National Defense Authorization Act also talks about the value of enhanced debriefings to reduce bid protests.

“In order for the Department to gain the full benefit of enhanced debriefings, the committee emphasizes the demonstrated value of meaningful, in-person debriefings to avoid unnecessarily costly and time-consuming bid protests,” that report states.

The committee wants the Defense Department to provide a briefing on efforts to implement enhanced debriefings by Dec. 30.

A second reason that might be driving down the number of protests is limits on GAO’s jurisdiction over large, multiple-award indefinite-delivery/indefinite-quantity contracts.

Task orders under civilian IDIQS must be worth at least $10 million. For defense contracts, the task orders must be worth at least $25 million.

Anything under those thresholds, you can’t file a protest at GAO.

As agencies increasingly use these vehicles, it is reasonable to expect fewer protests.

When you get past the annual number of cases, GAO other measures hold steady.

The rate of sustained protests -- cases where GAO decides in favor of the protester -- was at 15 percent for fiscal 2021. That is the same rate as in 2020 and 2018.

The rate was 13 percent in 2019 and 17 percent in 2017.

GAO also measures the “effectiveness rate," which combines the sustained cases with the cases where the agency took some sort of corrective action to address issues raised in the protest.

The rate in fiscal 2021 was 48 percent, which also is in keeping with the numbers we’ve seen over the last five years -- 51 percent in 2020, 44 percent in 2019, 44 percent in 2018 and 47 percent in 2017.

Those high percentages explain one motivation for why companies protest -- they are seeking some action by the agency and they are getting it.

It is also worth noting that of the 2,017 cases filed in fiscal 2021, only 581 went to a full decision by GAO, or slightly more than one-fourth.

Of the 581 that went to a full decision, only 85 were sustained, or 14 percent.

GAO also reported that of its 2021 protest cases, 401 were protests involving challenges to task order awards. In 2020, GAO heard 417 task order protests, down from 373 in 2019, when there was a 35-day government shutdown.

GAO also notes the most common reasons it sustains protests -- unreasonable technical evaluation; flawed discussions; unreasonable cost or price evaluation; or unequal treatment. Or sometimes a combination of more than one.

Posted on Nov 17, 2021 at 3:52 PM0 comments


BigBear builds exec team ahead of public market debut

As BigBear.ai moves toward becoming a publicly-traded company later this year, it has made several leadership moves to build the necessary infrastructure.

Samuel Gordy, a former IBM and Leidos executive, has been named chief operating officer and president of federal for the company that specializes in artificial intelligence and cloud-based data analytics.

Gordy earlier this year left IBM, where he was the general manager of its public and federal market sector. He started at BigBear on Nov. 1.

BigBear also has appointed Jeffry Dyer as president of commercial. He most recently was  senior vice president of North American sales and operations at Sisense. He has also held senior posts at companies including Skytap, MicroStrategy and SAP America.

Claire Morse has been appointed as BigBear’s chief human resources officer. She joins from Salient CRGT, where she was vice president of people and culture. Her career also includes HR leadership posts at Bechtel and ManTech International.

“As we continue to execute our growth strategy and prepare to emerge as a publicly traded company later this year, we are focused on attracting and retaining top-notch talent with the skills and expertise to accelerate our progress and ensure we enter the public market on strong footing,” BigBear CEO Reggie Brothers said.

BigBear announced in June that it would go public by the end of the year through a merger with GigCapital4, a special purpose acquisition company or so-called blank check firm.

Posted on Nov 17, 2021 at 1:34 PM0 comments


Buchanan & Edwards acquires cyber services company

Buchanan & Edwards has made just its second acquisition since the company's founding in 1998 in a transaction that adds cybersecurity and other mission-focused technical skills.

BE will merge RenXTech with R2C, which BE acquired in 2017. Terms of the transaction for RenXTech, formerly Renegade Technology, were not disclosed.

RenXTech CEO Daniel Smith will run the combined businesses as president of intelligence operations. Former R2C CEO Tara Davey has been promoted to chief operating officer of BE.

RenXTech brings to BE capabilities around delivering cyber, technical, analytical and operational support to federal and commercial customers. The company helps customers identify threats and protect data.

"RenXTech was a great fit for us in every category. Culturally, their focus on the customer, the mission, and their employees paralleled ours, and we share common values with their team, including our companies’ shared purpose of solving challenges of national security significance to protect the American People," said Eric Olson, CEO of BE.

Posted on Nov 16, 2021 at 12:10 PM0 comments


Jacobs objects to lost $650M incumbent Army contract

Jacobs has lost a $654.8 million incumbent contract to rival bidder Trax International and has now turned to the Government Accountability Office in hopes of a second shot at the work.

Jacobs has held the contract to support the Aberdeen Test Center since 2014, but Trax won the recompete in October.

The contract covers a wide range of services that support the test center including engineering, scientific, business management, technical, and other professional services. The contract also supports a variety of test center directorates and supporting offices such as the Command Staff, Plans and Operations, Survivability and Lethality, and Test Technology.

The contract is worth $654.8 million over five years.

Trax won the contract Oct. 20. Jacobs filed its protest Nov. 15. A decision from GAO is expected Feb. 23.

Posted on Nov 16, 2021 at 1:15 PM0 comments


CACI joins GitLab's partnership network to advance software development skills

Companies are forever trying to show how they are different from the competition.

Sometimes it isn’t much more than pretty words and graphics on their website. But other times, companies move to show customers they are doing substantive things that others aren’t.

CACI International recently joined the GitLab Partner Program as its first federal systems integrator. GitLab is a platform that enables DevOps, the software development practice that also brings in IT operations.

DevOps and its close cousin DevSecOps, which layers in security to software development, are areas that CACI has developed as a core capability.

“As a company, we are focused on investing ahead of need,” said CACI Chief Technology Officer Glenn Kurowski. “That means technology but underneath that is software, software development; its data and the analytics on that data.”

CACI has invested in delivery of what it calls "software development at scale," which Kurowski likened to a three-legged stool.

“One leg is agile software development, one leg is open modern software architecture and one leg is DevSecOps,” Kurowski said.

One advantage of DevSecOps is the pace at which software is delivered to the agency and to effectively deliver at that pace requires collaboration among between the contractor and the various customer stakeholders.

“It means shifting things to the left. ‘You shift security, you shift quality assurance and inspections, you shift verification,” Kurowski said. “You do things earlier but you have to do it collaboratively as a team. You don’t insert things on the backend that causes you to go all the way back to square one.”

DevSecOps requires multiple steps and feedback loops for testing and bringing in stakeholders.

“To do that you need to have tools so all those people can do their jobs at a high velocity and at a high quality,” Kurowski said.

A software development team's work can be broken into buckets, but “they’re not necessarily sequential,” he said.

Agile has its own language in many ways. There’s the “backlog,” which is the requirements. There are “epics,” which are broken down into “features.” Features are further broken down into “stories,” which are short descriptions of the small pieces of desired function that you want.

The stories include points around complexity, risk and the amount of work required. That’s just the planning phase, Kurowski said.

“You need to involve a lot of people in the work. You should involve security. You should involve quality assurance and of course you involve your developers and product managers,” he said. “So the whole idea is everybody's involved continuously so that you don't have a bunch of developers who throw it over the transom to a bunch of operators who say, I can't deploy this because the configuration doesn't work, and they throw it back.”

To do this work, agile development teams need tools and that’s where GitLab comes in, Kurowski said.

GitLab has flexibility to be used as a service or it can be used on the customers’ systems, depending on the customer and any restrictions they may have.

CACI and GitLab have named each other strategic partners. CACI will train their employees to use GitLab and become certified in their capabilities. The plan is to create a community of practice and it has a C-suite champion, which is Kurowski.

Kurowski will lead the effort to push those capabilities down into the company and across the different parts of CACI. The company will allow developers to use something besides GitLab but those will be limited because CACI wants to create repeatable solutions.

The partnership means that CACI can go to GitLab for advice and it will have access to GitLab’s many commercial customers and bring some of those practices to the federal market.

“That’s why we’re excited about GitLab because we see it as a very disruptive technology,” Kurowski said. “It’s the first DevSecOps platform at scale.”

"At scale” is important to CACI when you consider some of the large software development contracts such as the Homeland Security Department’s $1.88 billion BEAGLE contract to modernize back office systems and processes, plus a separate $880 million Army contract for a force management system.

CACI is working on hundreds of applications at any one time.

“That’s a lot to coordinate and you’d like to have a platform that provides you an easy way to determine what work you want to do and when you want to do it,” Kurowski said.

“The measure of success for us is working software."

Posted on Nov 15, 2021 at 2:39 PM0 comments


Google leaves no doubt: it will pursue DOD's new cloud initiative

The competition around "JEDI: The Sequel" is starting to heat up as more reports surface that the Defense Department is making progress on the restart of its enterprise cloud initiative formerly known as the Joint Enterprise Defense Initiative.

JEDI had an ignoble end as DOD cancelled the contract after nearly two years of protests and lawsuits.

DOD appears to eschewing the Star Wars theme this time around. The new contract is known more traditional-sounding government moniker of the Joint Warfighter Cloud Capability. Rather than a single award like JEDI was, JWCC be a multiple-award effort in response to complaints about the original contract going to one cloud provider.

The competitive landscape will be different this time around as well, even though DOD intends to issue direct solicitations to Microsoft and Amazon's cloud subsidiary with the market research phase of JWCC completed in October. Microsoft was the original winner of JEDI over Amazon Web Services before the latter's protests and that contract's eventual cancellation.

But what’s different this time is that DOD has said it intends to make awards "to all cloud service providers…that demonstrate the capability to meet DOD's requirements."

Add a third to the list so far as Google will likely be a competitor this time around. The company pulled back somewhat from the defense market after employees objected to its participation in Project Maven, a DOD program to use artificial intelligence in processing video images. Employees were concerned that their work would be used to improve the accuracy and lethality of drone strikes.

But JWCC is a different beast and Google isn’t being shy about its interest.

In a Veterans Day blog post Nov. 11, Google's cloud CEO Thomas Kurian made it clear that Google has always worked with the federal government and listed as examples of customers the National Oceanic and Atmospheric Administration, Patent and Trademark Office and Air Force.

DOD's completion of the JWCC market research portion means industry is waiting for more details, something Kurian acknowledged: “We know very little about the specifics.”

But he made it clear where Google’s interest lies, despite the controversy surrounding Project Maven.

“If we are invited to be part of the JWCC contract, we will absolutely bid,” he said.

Kurian said that the company will apply its AI principles that guide what products the company will sell and projects it will pursue.

“We are committed to continuing to partner with the U.S. government, including the military, on specific projects that are consistent with our principles,” he said.

Google wasn’t ready to bid on JEDI in 2018, even though it is considered one of three general purpose cloud offerings in the market alongside AWS and Microsoft's Azure.

But Google sounds ready for JWCC. The contract will “offer up many opportunities for Google to help the men and women in our armed services to ensure their success and safety,” Kurian wrote. "Not every Googler will agree with this decision.”

So count Google as in whenever DOD decides to grow the cloud tent.

Posted on Nov 12, 2021 at 9:48 AM0 comments