By Tom Temin
The 2020 fiscal year is shaping up to possibly top 2019, the highest year yet for federal contract spending. But contractors need to watch out for a few things like the coming of cybersecurity audits and the possibility of tougher services spending oversight. Federal sales and marketing consultant Larry Allen joined Federal Drive with Tom Temin with his perspective.
Tom Temin: Larry, it does look like a good year, doesn’t it? I mean, aside from all of the pandemic response spending, it was shaping up to be a solid year anyhow, wasn’t it?
Larry Allen: Tom, it is shaping up to be a great year this year despite some of the distractions that you referenced around COVID-19. Agencies have their money. Agencies have definite needs they need to fill. I’m predicting that we’re going to see a lot of spending in the last part of the fiscal year as we always do. This year, I’m putting more money on continuation of existing projects than I am net new project starts. While that may seem like a safe bet, lately, government agencies have been spending more on new initiatives. I think that the coronoavrus impact is going to be that there’s going to be plenty of spending, but it’s going to be mostly keeping things going that they already have. And that’s not just due to coronavirus. We’re sliding into a presidential election cycle in the fall. And that’s pretty typical for what you usually see at this time.
Tom Temin: Because often presidential elections have a dampening effect on a year’s spending. But this year, I think it’s partly pandemic but also the fact, well, it’s indirectly pandemic is what I should say, because with everyone forced to telework, I think laptop spending, notebook, PCs, webcams and the infrastructure required to permanently support bigger VPN capacity, that kind of thing. I think a lot of agencies are going to wake up to the fact that this could be something that is more widespread on a permanent basis.
Larry Allen: Tom, I think that’s exactly right. From a strategic standpoint, we’re going to be seeing more federal workers working at home as a matter of course, rather than as an exception. Anecdotally, I can tell you, from my clients and others, we’ve seen just what you said, we’ve seen laptop sales escalate significantly. We are looking at security related spending for remote networks going up as part of that. Not a great time I think to be in federal commercial real estate, because at a strategic level, agency heads are going to be taking a look at what type of physical space they need, how much of it is required for their operation. Federal people just like anybody else are going to need to collaborate in person from time to time especially when they meet with industry, but I don’t know that that’s going to be on the same level of square footage that it’s been up till now.
Tom Temin: I’ve got a friend whose son has a business brokering used federal chair and, furniture. He’s got a three car garage and one third of it is filled with chairs that came out of federal agencies. I bet that business must be booming right now. I might see him about a new chair from my own home office.
Larry Allen: I’m thinking the same thing.
Tom Temin: Something else you’ve written about this week, though, in that is you’re expecting greater audit oversight of services spending and a lot of this hardware spending has a services tail with it, or sometimes the services lead the hardware spending. What’s your feeling on that one?
Larry Allen: Tom, what I’m looking at is continued increase spending in the professional services sector, particularly through multiple award contracts. And as we know the adage in government contracting is with revenue comes responsibility — also oversight. And while up till now a lot of the commercial item, commercial service audit activity has been in the product arena, I think we’re going to start to see that shift into services, because that’s where the money is. auditors and whistleblowers both follow the money trail. And this is an area that I think has historically been underserved in terms of audit and whistleblower activity. I’m predicting that that’s going to start to come to an end, and that companies in that sector make sure that their compliance systems are doing the things that they are designed to do.
Tom Temin: And your other big deal this week is the coming of CMMC, the system for monitoring the cybersecurity posture of contractors and subcontractors. And you’re expecting some pain connected with that.
Larry Allen: Tom, what I’m predicting is that we’re going to see the equivalent of a normal rush hour on the Capitol Beltway. That is traffic jams and tie ups in certain areas as a lot of people tried to move through a defined space on time. That’s really I think what CMMC, Cyber Maturity Model Certification, is shaping up to be. We’ve had a system where there’s currently little going on in the assessment arena, to my knowledge, no government contractors yet undergoing an assessment. The assessment standards themselves are just coming out right now in some form. And yet we also see DoD moving forward with making CMMC certification a requirement. It’s going to start off small, but there are going to be projects in fiscal 2020 that require this. And I just think that we’re gonna have very, very, very few companies who are authorized and accredited. It’s not like you set accreditation standards on Tuesday and somebody gets accreditation on Wednesday. This is a process Tom, it’s gonna take a while. You can add my voice to those who are wondering what the rush is. Certainly we want the DoD systems to be secure. Everybody understands that. But I think that DoD would be well served by saying, look, we’re going to take a time here to stretch out the effective date, so that we have more companies that have gone through the process. We know what the process is. We can have good competition, and we don’t have a train wreck of people trying to go to the same place at once.
Tom Temin: It sounds like the DoD is going to just simply have to have waivers for contractors and subs that couldn’t get through the pipeline in time of whatever deadlines they have set for all of this?
Larry Allen: Well, I think that’s a valid point. And there’s also some precedent for that. If you look at the FedRAMP standard for federal cloud computing, that’s somewhat federal agencies did. FedRAMP was a requirement. If you were going to buy cloud services, you had to buy it from a FedRAMP authorized company. Well, in some sectors, depending on the cloud solution you’re looking for. There were one or none FedRAMP approved companies, but you still had the need as that federal agency. Agencies went ahead and bought and frankly, still, today Tom are buying non FedRAMP approved cloud service solutions. We’re going to see this happen in the CMMC realm as well as VOD requirements take precedence over CMMC certification in all but the most sensitive areas.
Tom Temin: Water has a way of finding its own level, doesn’t it?
Larry Allen: That’s precisely it.
Tom Temin: Federal sales and marketing consultant Larry Allen. As always, thanks so much,
Larry Allen: Tom. Thank you and I wish your listeners happy selling.
By Tom Temin