A broken budget system casts a dark shadow over federal spending.

The federal budgeting process is broken. Former lawmakers and budget office leaders know it, current negotiators on Capitol Hill know it, a whole slew of good government groups know it and perhaps most of all, federal agencies know it. Under a process established in 1974, the president submits a budget proposal to Congress in February and the House and Senate each pass their respective blueprints in April. They go to conference, set the top-line spending levels, and the appropriations committees delegate that money to agencies in 12 separate bills before the annual August recess.

Spotlight

City of Winston-Salem

Local government - the City of Winston-Salem in Forsyth County, North Carolina. Winston-Salem is a Piedmont Triad Community, located in North Carolina near Greensboro, High Point, and Kernersville. It was established in 1913 with a joining of the towns of Salem and Winston.

OTHER ARTICLES
Cybersecurity

3 ways digital transformation makes governments more responsive

Article | March 23, 2022

COVID-19 placed enormous demands on government services—demands that are not likely to go away. Moreover, the private sector now looks to government to facilitate the data transparency, digital processes, and data security needed to fuel recovery. Governments now understand those old ways of doing business no longer work. They need to become agile and flexible to meet today’s needs. Some were moved in that direction by the unexpected demands of the pandemic. For others, COVID-19 simply accelerated their digital transformation journey that was already underway.

Read More

COVID-19: How do we get out of this quagmire?

Article | May 27, 2021

The COVID-19 virus (C19) pandemic is turning out to be the event of the century. Even World War seems timid in comparison. We are in the 4th month of the virus (in non-China countries) and have gone past the lockdown in many places. Isn’t it time we re-think the approach? What if there is another wave of C19 coming soon? What if C19 is the first of many such events in the future? Before we get into analysis and solution design, summarizing the C19 quirks: While a large section of the affected population is asymptomatic, for some it can be lethal There isn’t clarity on all the ways C19 spreads It’s known to affect the lungs, heart, and kidneys in patients with weak immunity It has been hard to identify a definitive pattern of the virus. Some observations in managing the C19 situation are: With no vaccine in sight, the end of this epidemic looks months or years away Health care personnel in hospitals need additional protection to treat patients Lockdowns lead to severe economic hardship and its repeated application can be damaging Quarantining people has an economic cost, especially in the weaker sections of society If one takes a step back to re-think about this, we are primarily solving 2 problems: Minimise deaths: Minimise the death of C19 and non-C19 patients in this period Maximise economic growth: The GDP output/growth should equal or higher than pre-C19 levels One needs to achieve the 2 goals in an environment of rising number of C19 cases. Minimise deaths An approach that can be applied to achieve this is: Data driven health care capacity planning Build a health repository of all the citizens with details like pre-existing diseases, comorbidity, health status, etc. The repository needs to be updated quarterly to account for patient data changes This health repository data is combined with the C19 profile (disease susceptibility) and/or other seasonal diseases to determine the healthcare capacity (medicines, doctors, etc.) needed The healthcare capacity deficit/excess needs to be analysed in categories (beds, equipment, medicine, personnel, etc.) and regions (city, state, etc.) and actions taken accordingly Regular capacity management will ensure patients aren’t deprived of timely treatment. In addition, such planning helps in the equitable distribution of healthcare across regions and optimising health care costs. Healthcare sector is better prepared to scale-up/down their operations Based on the analysis citizens can be informed about their probability of needing hospitalisation on contracting C19. Citizens with a higher health risk on C19 infection should be personally trained on prevention and tips to manage the disease on occurrence The diagram below explains the process Mechanism to increase hospital capacity without cost escalation Due to the nature of C19, health personnel are prone to infection and their safety is a big issue. There is also a shortage of hospitable beds available. Even non-C19 patients aren’t getting the required treatment because health personnel seek it as a risk. This resulted in, healthcare costs going up and availability reducing. To mitigate such issues, hospital layouts may need to be altered (as shown in the diagram below). The altered layout improves hospital capacity and availability of health care personnel. It also reduces the need for the arduous C19 protection procedures. Such procedures reduce the patient treatment capacity and puts a toll on hospital management. Over a period, the number of recovered C19 persons are going to increase significantly. We need to start tapping into their services to reduce the burden on the system. The hospitals need to be divided into 3 zones. The hospital zoning illustration shown below explains how this could be done. In the diagram, patients are shown in green and health care personnel are in light red. **Assumption: Infected and recovered C19 patients are immune to the disease. This is not clearly established Better enforcement of social factors The other reason for high number of infections in countries like India is a glaring disregard in following C19 rules in public places and the laxity in enforcement. Enforcement covers 2 parts, tracking incidents of violation and penalising the behaviour. Government should use modern mechanisms like crowd sourcing to track incidents and ride on the growing public fear to ensure penalty enforcement succeeds. The C19 pandemic has exposed governance limitations in not just following C19 rules, but also in other areas of public safety like road travel, sanitation, dietary habits, etc. Maximise economic growth The earlier lockdown has strained the economy. Adequate measures need to be taken to get the economy back on track. Some of the areas that need to be addressed are: One needs to evaluate the development needs of the country in different categories like growth impetus factors (e.g. building roads, electricity capacity increase), social factors (e.g. waste water treatment plants, health care capacity), and environmental factors (e.g. solar energy generation, EV charging stations). Governments need to accelerate funding in such projects so that that large numbers of unemployed people are hired and trained. Besides giving an immediate boost to the ailing economy such projects have a future payback. The governments should not get bogged down by the huge fiscal deficit such measures can create. Such a mechanism to get money out in the economy is far than better measures like QE (Quantitative Easing) or free money transfer into people’s bank accounts Certain items like smartphone, internet, masks, etc. have become critical (for work, education, critical government announcements). It’s essential to subsidise or reduce taxes so that these items are affordable and accessible to everyone without a financial impact The government shouldn’t put too many C19 related controls on service offerings (e.g. shops, schools, restaurants, cabs). Putting many controls increases the cost of the service which neither the seller not buyer is willing or able to pay. Where controls are put, the Govt should bear the costs or reduce taxes or figure out a mechanism so that the cost can be absorbed. An event like the C19 pandemic is a great opportunity to rationalise development imbalances in the country. Government funding should be channelized more to under-developed regions. This drives growth in regions that need it most. It also prevents excess migration that has resulted in uncontrolled and bad urbanisation that has made C19 management hard (guidelines like social distance are impossible to follow) Post-C19 lockdown, the business environment (need for sanitizers, masks, home furniture) has changed. To make people employable in new flourishing businesses there could be a need to re-skill people. Such an initiative can be taken up by the public/private sector The number of C19 infected asymptomatic patients is going to keep increasing. Building an economy around them (existing, recovered C19 patients) may not be a far-fetched idea. E.g. jobs for C19 infected daily wage earners, C19 infected taxi drivers to transport C19 patients, etc. In the last 100 years, mankind has conquered the destructive aspects of many a disease and natural mishap (hurricanes, floods, etc.). Human lives lost in such events has dramatically dropped over the years and our preparedness has never been this good. Nature seems to have caught up with mankind’s big strides in science and technology. C19 has been hard to reign in with no breakthrough yet. The C19 pandemic is here to stay for the near future. The more we accept this reality and change ourselves to live with it amidst us, the faster we can return to a new normal. A quote from Edward Jenner (inventor of Small Pox) seems apt in the situation – “The deviation of man from the state in which he was originally placed by nature seems to have proved to him a prolific source of diseases”.

Read More
Emerging Technology

Multidomain Architecture Strategic Definitions: Part One of Multidomain Architectures, the IT Manhattan Project, and Delivering the “Real” Zero Trust

Article | July 16, 2022

“Belonging to the essential nature of a thing; originating and included wholly within an organ or part.” That is the definition of “Intrinsic.” When we were developing the “IT Manhattan Project” framework, we were doing so in direct response to some of the most significant hacks in U.S. Federal history, which piled on to the already unprecedented push to expedite the modernizing of federal IT because of the COVID-19 response. The COVID-19 response shifted the way that the U.S. federal government operated, where our workforce worked from, the immediate need for mobile ‘available from anywhere’ workloads, and how to both secure and support that new way of doing federal business. A new, vigorous push towards rapidly modernizing federal IT environments was underway. Ultimately, it laid the groundwork for producing transformational federal memos and oversight by way of some of the following: Executive Order 14028: “Improving The Nation’s Cybersecurity” M-22-09: OMB’s Zero Trust Strategy M-22-09 NIST 800-53rev5: Fulfilling an expedited realization of the overall intent of NIST 800-53r5 through the emphasis on things like conditional access, TIC 3.0 frameworks, Secure Orchestration/Automation/Remediation, and modernized, agile approaches to secure micro-segmentation from Hybrid Environments up to Federal Cloud instances Overall mandates like these carry with them a consistent anthem driving at rapid IT modernization with rigorous proof of performance schedules attached. Piling on top of those Herculean efforts, the urgency was drastically increased by several of the highest profile cyber compromises in U.S. federal history. Rapid modernization had to happen right away. The time for IT transformation was here, backed by promises of significant funding and a high level of political visibility. The Shift to Zero Trust At their core intent, Zero Trust architectures are expected to provide a centralized policy structure that dictates how every individual flow in our IT environments are permitted to talk. No user, host, or flow is permitted without being subjected to rigorous authentication and authorization policy. This shifts our previous understanding of North-South, East-West traffic and how we police it. The foundational intent of Zero Trust architectures centers around applying unified policy to every transaction that occurs between enterprise resources, and doing so in ways that are agnostic to the IT Silo that they reside in. Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.” NIST 800-207 aptly They go on to explain that the scope of this posture includes all assets, workflows, network accounts, and the like. In summary, police everything, abstract production traffic intent from the underlying infrastructure that supports it, and institute a unified security posture to execute the policing at every network entry point. Regardless of the domain. We all know that this is a tectonic but much-needed shift in our industry. I’d go so far as to say that the successful instantiation of this approach across Federal IT environments is critical to our national security going forward. Management Complexities Enterprise IT domains contain varied mixtures of OEM solutions, home-grown tools, and utilize a wide variety of protocols to intercommunicate that aren’t necessarily standardize. Each of these domains is normally managed by separate IT teams who specialize in maintaining those environments. In the federal landscape, each of these domains aren’t just managed by separate enterprise IT teams, but are commonly managed by different contractors. Therefore, IT security organizations have a difficult time achieving and maintaining the necessary operational awareness required to enforce centralized policy. These cultural complexities exacerbated by budgeting concerns have created a fatalistic mentality when it comes to far-reaching mandates. This is where the tectonic shift in architectural and administrative approach is so necessary. This is where multidomain architectures shine. Let’s define a common baseline of enterprise domains seen across traditional IT environments: Cloud Data Center Enterprise Networking Extended Enterprise (IoT, OT/ICS) Remote Access But to deliver a successful Zero Trust across the enterprise, it is first necessary to understand some foundational building blocks on which to construct our architectural approach: We can’t have MULTIDOMAIN POLICY without first achieving fuller We can’t deliver macro and micro-segmentation without first having robust MULTIDOMAIN We can’t have multi-vendor MULTIDOMAIN Zero Trust POLICY without sensical INTEGRATIONS to stitch each enterprise domain together. Let’s face it, enterprise IT environments don’t simply include infrastructure from a single manufacturer, or even a few key manufacturers. Rather, our Enterprise IT environments are represented by a plethora of IT manufacturers specializing in different niches of IT and the domains they are commonly found in. These environments are managed by different Federal IT organizations, different contractors who support these Federal IT organizations, and many different teams that support each common IT silo. Different teams that support oft-compartmentalized areas like Network Security Operations, Network Operations, Data Center Operations, Institutional Services, Wide Area Networking contracts, Operational Technologies, and dotted lines to different leadership oversight like CIO Programs, CTO Architecture, the Cyber Security Office, and the audit oversight bodies that they are subjected to. Each of these make up a complex support structure that isn’t necessarily streamlined for efficiency. Summary and Overarching Goals In articles to follow, you’ll see us referencing the IT Manhattan Project framework several times. Though many details of the framework can’t be discussed due to their sensitivity, the foundational principles are relevant across the board when pursuing intrinsic multidomain Zero Trust. Establish Visibility (Administration, Telemetry, Assurance) Define Straightforward Policy Structure and Hierarchy (Auth Chains) Perform Multidomain Integrations (API Integrations) Deploy Software-Defined Framework (Day-0, Programmable Fabrics, Multi-OEM Fabric Integrations) Establish Sensical Automation Runbooks (Day-2 Operations) We will also explore some areas that deliver unexpected value to the agency business in immediate ways. All of this will help create a cohesive story that helps CIOs, CISOs, and enterprise architects alike communicate the criticality of this multidomain Zero Trust approach to agency leaders across the federal spectrum.

Read More

Congress considers COVID recovery bond program

Article | July 22, 2020

While congressional leaders work diligently to develop the next COVID recovery bill, other interesting legislation also is being discussed. Many of the conversations focus on public funding options after COVID-19. There are no disagreements when it comes understanding the critical funding needs that will be front and center for cities, counties, states, schools, and hospitals as the country begins to emerge from a total focus on the coronavirus. Many public projects and initiatives will have to be addressed. First of all, crumbling, inefficient and unsafe infrastructure, of all types, must be a priority. Secondly, jobs will be a critical component of the successful re-establishment of economic stability. It is already apparent that a great deal of new funding will flow to long-standing federal programs. That’s a good thing because public officials already are aware of how those programs function. However, a number of new bills under discussion relate to the provision of additional and innovative ways for governmental entities to secure funding for projects that would stimulate the economy, create jobs, and address aging infrastructure. One particularly interesting new concept being evaluated is tax-exempt COVID recovery bonds. The current discussions focus on a federal COVID recovery bonding program that would be launched with approximately $25 billion. A small number of states have already initiated programs such as this on a smaller scale. The funding would be allocated to states based on population. From the governor’s office in each state, funding could be disbursed for projects of specific types. If COVID recovery bonds become a reality, the program would provide another way for public entities to secure funding that does not come solely from public coffers. Individual private sector contractors, investors, and organizations would provide the funding and work collaboratively with public officials. This program would be somewhat similar to private activity bonds which provide alternative funding for public initiatives. The new COVID recovery bonds would be tax exempt when used for permitted purposes such as financing airport, port, transportation, sewage, water, solid waste disposal, certain facilities, and other projects. In the following weeks and months, taxpayers and citizens should watch with eager anticipation. Congressional actions will boost America’s economic recovery and stabilize governmental organizations throughout the country. Inaction is a possibility, too, but that would risk missing out on recovery opportunities. Congressional representatives base their actions and their votes on input from constituents they represent. There are times when citizens, whatever their opinions, should provide input to elected representatives. This is one of those times. Mary Scott Nabers is president and CEO of Strategic Partnerships Inc., a business development company specializing in government contracting and procurement consulting throughout the U.S. Her recently released book, Inside the Infrastructure Revolution: A Roadmap for Building America, is a handbook for contractors, investors and the public at large seeking to explore how public-private partnerships or joint ventures can help finance their infrastructure projects.

Read More

Spotlight

City of Winston-Salem

Local government - the City of Winston-Salem in Forsyth County, North Carolina. Winston-Salem is a Piedmont Triad Community, located in North Carolina near Greensboro, High Point, and Kernersville. It was established in 1913 with a joining of the towns of Salem and Winston.

Related News

Emerging Technology, Cybersecurity

Red River Secures Army ITES-3S Contract

Businesswire | March 23, 2023

Red River, a technology transformation company serving government and enterprise customers, today announced that it is now an authorized provider on the U.S. Army’s Information Technology Enterprise Solutions 3 Services (ITES-3S) contract. Awarded by the Computer Hardware, Enterprise Software and Solutions (CHESS) and the Army Contracting Command - Rock Island (ACC-RI), ITES-3S is a nine-year, $12.1 billion, indefinite delivery indefinite quantity (IDIQ) contract. The ITES-3S IDIQ will provide a broad range of enterprise information technology services and support to the U.S. Army and other authorized Federal Government agencies. Types of information technology services available through the ITES-3S IDIQ include Program Management; Cybersecurity/Information Assurance; Enterprise Design, Integration and Consolidation; Network/Systems Operation and Maintenance; Telecommunications; Supply Chain Management; Operation and Maintenance; Business Process Engineering; and Information Technology Education and Training. This award demonstrates Red River’s longstanding commitment to providing superior professional services to the U.S. Army and the opportunity to continue to serve and support the men and women in uniform at home and abroad. Red River has more than 25 years as a trusted technology and services provider to the U.S. government and Department of Defense (DoD). “We are excited to continue our longstanding history of supporting the technology services needs of the Army and other government agencies supported through this contract vehicle,” said Brian Roach, CEO for Red River. “We look forward to collaborating with DoD technology leaders to support their mission requirements in areas such as cybersecurity, managed services, cloud, infrastructure and collaboration. This is a significant addition to our contracts portfolio and strengthens our position as a leading technology and services provider to the DoD and the U.S. government as a whole.” About Red River Red River brings together the ideal combination of talent, partners and products to disrupt the status quo in technology and drive success for business and government in ways previously unattainable. Red River serves organizations well beyond traditional technology integration, bringing more than 25 years of experience and mission-critical expertise in managed services, cybersecurity, infrastructure, collaboration and cloud solutions.

Read More

Emerging Technology

Surfacide® Awarded U.S. General Services Administration (GSA) Contract

Surfacide | March 20, 2023

Surfacide, an industry leader in UV-C low-level disinfection technology, announced today that it has been awarded a Multiple Award Schedule (MAS) contract by the U.S. General Services Administration (GSA). This contract will allow government customers and federal agencies to easily procure Surfacide's Helios® UV-C disinfection systems for their healthcare facilities. As a GSA Schedule Contractor, Surfacide has met all the requirements to sell to the federal government, making the federal purchasing process faster and more cost-effective for government agencies. Government buyers will now be able to access Surfacide products through GSA Advantage!, the government's premier online shopping superstore. The Surfacide Helios system is the only patented, low-level UV-C disinfection solution to use a trio of light emitting 'robots' simultaneously, significantly reducing bacteria and virus on colonized surfaces. The Helios system provides UV-C energy to more exposed areas than single devices—boosting power, dosage and efficacy in a single cycle. The system can be easily moved and configured within different high-impact areas of a hospital or clinic such as patient rooms, patient bathrooms, ORs, outpatient/ambulatory surgery, burn units, labor & delivery, isolation rooms, etc. "As a GSA Schedule Contractor, we now have the stamp of approval stating that we've met all the requirements to sell to the federal government, giving us a huge benefit in the federal purchasing process," said Gunner Lyslo, CEO & Founder of Surfacide. "We're proud to have been awarded this GSA MAS contract and are excited to provide our innovative UV-C disinfection technology to government customers more efficiently." Surfacide is rapidly growing and has become widely adopted in the VA space. After seeing the benefits of Surfacide's scientifically-proven technology, more and more VA facilities are transitioning from single emitters to Surfacide's patented triple-emitter Helios System. About Surfacide Founded in 2010, Surfacide is a UV technology and infection solutions company producing scientifically proven, hospital-grade UV devices. Surfacide's award-winning Helios® System is the world's only patented, triple emitter 'robotic' UV light solution to rapidly reduce bioburden and pathogens. A trusted partner in infection prevention, Surfacide has been deployed in over 600 leading hospitals, nursing homes, dental offices, fire stations, prisons, police stations, commercial office spaces, hotels and public venues worldwide. Surfacide LLC is proud to be American-made and manufactured in Waukesha, WI.

Read More

Donald Trump's apparent 'U-turn' on Huawei ban explained and what happens now

abc | July 03, 2019

US President Donald Trump surprised many at the G20 Summit in Osaka when he relaxed his ban on American companies doing business with Huawei, which has been at the centre of his trade war with China. The apparent backflip means that businesses like Google and Qualcomm can tentatively continue business as usual with Huawei, without requiring special permission from the US federal authorities. But the White House and Commerce Department haven't yet clarified whether the decision will affect Huawei's use of Google's Android operating system.

Read More

Emerging Technology, Cybersecurity

Red River Secures Army ITES-3S Contract

Businesswire | March 23, 2023

Red River, a technology transformation company serving government and enterprise customers, today announced that it is now an authorized provider on the U.S. Army’s Information Technology Enterprise Solutions 3 Services (ITES-3S) contract. Awarded by the Computer Hardware, Enterprise Software and Solutions (CHESS) and the Army Contracting Command - Rock Island (ACC-RI), ITES-3S is a nine-year, $12.1 billion, indefinite delivery indefinite quantity (IDIQ) contract. The ITES-3S IDIQ will provide a broad range of enterprise information technology services and support to the U.S. Army and other authorized Federal Government agencies. Types of information technology services available through the ITES-3S IDIQ include Program Management; Cybersecurity/Information Assurance; Enterprise Design, Integration and Consolidation; Network/Systems Operation and Maintenance; Telecommunications; Supply Chain Management; Operation and Maintenance; Business Process Engineering; and Information Technology Education and Training. This award demonstrates Red River’s longstanding commitment to providing superior professional services to the U.S. Army and the opportunity to continue to serve and support the men and women in uniform at home and abroad. Red River has more than 25 years as a trusted technology and services provider to the U.S. government and Department of Defense (DoD). “We are excited to continue our longstanding history of supporting the technology services needs of the Army and other government agencies supported through this contract vehicle,” said Brian Roach, CEO for Red River. “We look forward to collaborating with DoD technology leaders to support their mission requirements in areas such as cybersecurity, managed services, cloud, infrastructure and collaboration. This is a significant addition to our contracts portfolio and strengthens our position as a leading technology and services provider to the DoD and the U.S. government as a whole.” About Red River Red River brings together the ideal combination of talent, partners and products to disrupt the status quo in technology and drive success for business and government in ways previously unattainable. Red River serves organizations well beyond traditional technology integration, bringing more than 25 years of experience and mission-critical expertise in managed services, cybersecurity, infrastructure, collaboration and cloud solutions.

Read More

Emerging Technology

Surfacide® Awarded U.S. General Services Administration (GSA) Contract

Surfacide | March 20, 2023

Surfacide, an industry leader in UV-C low-level disinfection technology, announced today that it has been awarded a Multiple Award Schedule (MAS) contract by the U.S. General Services Administration (GSA). This contract will allow government customers and federal agencies to easily procure Surfacide's Helios® UV-C disinfection systems for their healthcare facilities. As a GSA Schedule Contractor, Surfacide has met all the requirements to sell to the federal government, making the federal purchasing process faster and more cost-effective for government agencies. Government buyers will now be able to access Surfacide products through GSA Advantage!, the government's premier online shopping superstore. The Surfacide Helios system is the only patented, low-level UV-C disinfection solution to use a trio of light emitting 'robots' simultaneously, significantly reducing bacteria and virus on colonized surfaces. The Helios system provides UV-C energy to more exposed areas than single devices—boosting power, dosage and efficacy in a single cycle. The system can be easily moved and configured within different high-impact areas of a hospital or clinic such as patient rooms, patient bathrooms, ORs, outpatient/ambulatory surgery, burn units, labor & delivery, isolation rooms, etc. "As a GSA Schedule Contractor, we now have the stamp of approval stating that we've met all the requirements to sell to the federal government, giving us a huge benefit in the federal purchasing process," said Gunner Lyslo, CEO & Founder of Surfacide. "We're proud to have been awarded this GSA MAS contract and are excited to provide our innovative UV-C disinfection technology to government customers more efficiently." Surfacide is rapidly growing and has become widely adopted in the VA space. After seeing the benefits of Surfacide's scientifically-proven technology, more and more VA facilities are transitioning from single emitters to Surfacide's patented triple-emitter Helios System. About Surfacide Founded in 2010, Surfacide is a UV technology and infection solutions company producing scientifically proven, hospital-grade UV devices. Surfacide's award-winning Helios® System is the world's only patented, triple emitter 'robotic' UV light solution to rapidly reduce bioburden and pathogens. A trusted partner in infection prevention, Surfacide has been deployed in over 600 leading hospitals, nursing homes, dental offices, fire stations, prisons, police stations, commercial office spaces, hotels and public venues worldwide. Surfacide LLC is proud to be American-made and manufactured in Waukesha, WI.

Read More

Donald Trump's apparent 'U-turn' on Huawei ban explained and what happens now

abc | July 03, 2019

US President Donald Trump surprised many at the G20 Summit in Osaka when he relaxed his ban on American companies doing business with Huawei, which has been at the centre of his trade war with China. The apparent backflip means that businesses like Google and Qualcomm can tentatively continue business as usual with Huawei, without requiring special permission from the US federal authorities. But the White House and Commerce Department haven't yet clarified whether the decision will affect Huawei's use of Google's Android operating system.

Read More

Events