Welcome to Government Contracting Weekly
sponsored by AOC Key Solutions
Incorporated
Government Contracting Weekly is the
only television program devoted
exclusively to the competitive and dynamic
world of government contracting
a world where coming in second place is not
an option
but where principled centered winning is
the only approach
good morning
my name is Jim Mccarthy and i am
principal owner and technical director of
AOC Key Solutions
I'd like to welcome you to our new
television show government contracting
weekly
this is a show about government
contracting. How to win government
contracts and how to win them the right way. It is a show for 
companies that are doing business with
the government or who would like to do so
It is also a show for government
procurement officials who would like to
have tips and suggestions on how to
bring out the best, the industry has to offer
I'd like to give you some context about our show
government contractors do important
work in supporting our nation
developing new products from IT to
defense to space exploration
to cleaning up the environment
government contractors are the resource
base that our government calls on get
things done
Key Solutions specializes in giving
government contractors the winning edge
we know that success depends on offering
the government the product or service
that
best fits its needs
it should be obvious but often it isn't
that a company can only do that if it
fully and insightfully  understands the
government's needs, wants, and  biases
that of course means that a meaningful
dialogue must take place between parties
Government Contracting Weekly is
designed to foster that dialogue
we cannot deal in depth with every
government need and every contractor's
approach
but we can
prime the pump
and get the dialogue started
We will also apply experience and lessons
learned from our thirty years of winning
work from the federal government for our
clients
we'll provide tips and insight
and how companies can be more successful
in this highly competitive market place
throughout the season we welcome and
actively solicit your input
please visit our website www.government
contractingweekly.com
to comment on our show segments
and suggest
other topics or other speakers that you would
like to see
in a minute I will turn you over to the face of Government Contracting Weekly
Hilary Fordwich
Hillary is the
perfect choice to host the show
as she has over a decade at KPMG
where she headed  global business
development
and
she has an extensive background in
television broadcast
thank you for watching
i hope you'll make our program  a
normal part of your sunday morning
routine
Hilary
over to you
good morning and welcome back to
government contracting weekly
each week, we at Key Solutions aim to bring
you tactical and practical information
so that you know as a contractor
can win government contracts using
principled centered winning
today's show will focus on the pressing and
critical issue
of cyber security
that should be of concern to all of us
of both national security and in this
region
we have with us two experts
who focus on this issue
both Sam Visner from
CSC who heads up their cyber practice
and Mike Singer
head of the federal group at Quest
Software can bring us information
particularly about the inevitable conflict that exists between
the necessity for compliance
versus the risks involved
and also security verses the need for
accessibility
and they both also talk about the
governments need to know well in advance
 whereas cyber security is a very
evolving dynamic
environment
to be operating in
some people call cyber security
the next pearl harbor
it's a critical issue
and so I've asked both Sam and Mike to share with us
to share with us
what keeps them up at night
hopefully so that all of us know that they're taking care of an issue so we can
sleep better this evening
welcome back to our segment where we interview an executive from ou region
executive from arlington
the has some great insights for us
today I am really delighted that
Sam Visner is joining us. Sam is a VP and 
senior executive over at CSC in charge
of their entire cyber practice 
sam i believe most people
in this town know who you are. You have a 
tremendous background actually on both sides
are
on the government side and industry side
and i understand you have a family
legacy of
public service could you just so for our
audience anybody that doesn't that know Sam
give us a bit more background about
yourself
Well I came to washington as a
student of georgetown
uh... about a thousand years ago and i
guess what i would i would say yes i got
bitten by the national security bug as
well as the public service bug
but my father was a physicist who worked
on the manhattan project and later 
on the nuclear navy program with
the apple rick over, this is again many
years ago so he was somebody
who insisted that 
in the house 
 if you were educated you learn
something about science and technology
though when i went to georgetown and got
interested in
national security and foreign policy i
also had to come from a family where
science and technology were key things
>>parallel
>>you know i was told every sunday you're
gonna read the new york times and and
also you're going to read
committee foreign affairs magazine
but you're also going to  look at scientific american
so i've always in my in my life either
in the government or who are now back in
back in the private sector
have gravitated to fields where
policy
national security business
and science and technology all come
together and cyber security is
 perfect for that
>>so you're actually in a perfect
position
to be one of the unique executives that
could bring industry and
government more together
how do you view your ability to do that and
how is the chasm today between industry and government
well i think it's it's  actually
not
as much as a chasm as people might have
thought. Yeah you know when i
started thinking about the cyber
security issue and organizing our
company's business
and we've been in the business for a
long time but bringing it together as a
singular business
one of the things people told me was
well the cyber security issues that face
the public sector are significant and
they're important
but the cyber security issues that face
 the private sector the
commercial enterprises with which are
our company works and others work
don't face that kind of threat and they don't
see that kind of need> >>but they do in the national
>> and  we
actually never believed that and i
certainly never believed it because i
felt if 
if you have valuable intellectual
property today economics are
paramount
in any countries position in the world
and have the key to having a strong
economy in part is having great
intellectual property things that give
countries advantage so yes if you are
>>private or public that's right
and i think that that that recognition
begin day to come into play if you go
back a few years to comprehensive
national cyber security initiative
where it was important to safeguard
certainly dot gov and dot mil
but there was also questions about what 
the private sector the our critical
infrastructure so
the government started to think about
this from a policy perspective... you
know even back it's a it's as far back
as two thousand six and two thousand
seven
and today there are an increasing number
of what i would consider to be
useful information sharing mechanisms
and then i think it was last year the
government... put out a report
the national counter intelligence
executive report that said
U.S companies were having their
intellectual property stolen by foreign 
governments
so this was a way for people to say
all right there now is a unified
interest and we ought to have a unified
view of the problem, together.
Sam there's always going to be an inevitable sort of conflict that's really more of a
tension between security and accessibility
 do you think that's ever going
to change or what you think about that
tension that exists relieve the tension
is inevitable and i think the tension
will persist
but i also think we may get better at
finding ways to operate within that
environment where that tension continues
to exist
Let's look at it this way
if an organization has has created such
impediments to the excess ability of
information
then the information loses value even
hasn't been made in security for the he
may not have been compromised but if no
one can use it
it's like a it's like a a family
heirloom that nobody gets to touch in
nobody gets to inherit. That's right
 and that can happen
so i think the real question is can
people who are involved in cyber
security both in terms of cyber security
tools and in designing architecture's
that are secure
preserver our ability to use information
to make it accessible to people who have
rights to it
i think we're beginning to see moves in
that direction you're hearing more
discussion today about identity
management
and identity management is is is less
about keeping people out than making
sure that the right people who should
have access to information
get that access to information
Like encryption, yes  sometimes even encrypting the
data address and the
biometrics associated with the biometric
database which we used to ensure that
you are you when you get access to the
system
and and i think there's another reason
why we have to be sure that we address
the area of tension
if people can't use information or 
 the information lacks
value or some people may find work
arounds and those workarounds diminish
the security of the information system
and the information itself
is diminished
and not only security but the
value of the information
i think it's inevitable that we will see
this tension
but more and more people involved in
cyber security are looking past
how do i keep things say from a tools
perspective
to how do i build an architecture
that's intrinsically secure and also one
that we can really use
there's been by the way some some
efforts though where the government and
industry working together the national
strategy
for trusted identity in cyberspace is
an explicit effort
to allow people to to know whom they are
to have good secure credentials and
access to the information that they need
to live their lives and to do business
i think that's a bit of a step in the
direction of
 less tension and
more accommodation
Sam, we've been talking about the
public sector but within the private sector
alot of enterprises today are at risk from foregin governments, in terms of their 
intellectual IP, their assets. What can they be doing to
install protection for their
organizations
well smart c_i_o_'s and most c_i_o's.
are smart at least the ones i know
know that they're living in a world in
which
the they live in an intersection with a
lot of traffic coming through for
example
the information technology that they use
changes all the time
the requirements that the boss says you
know i want information technology not
just to help me  with my
enterprise systems of my finance systems
but maybe my production line of my
supply chain
or working with my vendors. So the
requirement is changing all the time
the resource envelope is
always being constrained people were
told do more with less
so thats always... a-changing
thing
something else that changes is that the
 the the adversaries technology
has become very sophisticated in the
threats that we see today are
going to be different tomorrow and
different next week and next month the
next year
and of course the adversaries are using
increasingly sophisticated trade craft
so if you're a c_i_o_ or chief
information security officer
you're sort of in the middle of this
intersection and stuff is coming at you
very quickly
Where should they focused then?
so i think the first thing they ought to
do is is not try to do this alone get
somebody is a good partner who's in a
good practitioner in cyber security
so that you can focus on the changing
needs inside of your organization and
not always have to be an expert about
cyber security
because it's the chief information
officer your job is to make sure that
information systems work to support your
business
whether or not it's retail, banking or
health care reform,
manufacturing or some other industry
you don't need to be, you shouldn't
have to be always a security expert
but you should get help from people who
are
in that professional field specializing
 that's right
and i think  today we're
seeing an increase in the
attention being paid to what we call
manage security service providers
coverage for one
and these are organizations that can
provide
an enterprise security roadmap for a
whole organization and have begun to help manage
security for the whole organization all
the way out to the production line and
potentially even to
to a companies industrial partners it's
vendors
and into its supply chain
and i think that's the way to do it
Sam, you're dealing in an area where alot of us have lots of concerns from
security, business security to IP
intellectual assets
what keeps you up at night?
Because you are privy to lots more than most of us are on important security issues
important security issues
hillary first i think the debate is
becoming  richer and more informed in
general and i do worry that as we ask
our information technology to do more
things
mobile computing cloud computing
uh... computing the goes all the way out
to the edge of our business all the way
into a production line all the way into
a factory that we should be asking even
as we as we want
information technology to do these
things how well we secure it
another area that i think is is an area
of concern and i don't want this to turn
into an area of fear i wanted to turn
into an area prudent concern
is the use of social media
the ability that one might have to
deliver up a load of malware to a
computer using social media
or to get to know you and to learn and
you know what kind of information to
which the information which you have
access, if you do have administrative privileges
to an information system
it seems to me that people are using
social media in ways that are 
aggressive and interesting
and social media of course is gonna lead to
a larger policy issues and that is
if we if we ensure that social media is
very secure
will governments overseas find that they
can use that security to crack down on
the use of social media impede
democratic movements
if social media isn't very secure...
does that mean that social media can be
used to to target and exploit and damage
the interests of innocent
individuals and citizens
so i think there will be a tension
between
how well we should secure social media
from the perspective of of
not having damage
and how much we should leave social
media in the domain of something that's
relatively open so that it serves
certainly the it serves
our democratic interests yes so i
think that's... an issue and as 
i watched in arab spraying
and i talked to some of my my students
 at georgetown where I teach as an
adjunct
it was an interesting question to be
able to balance security verses openness
in the social media domain and i think
we are
losing sleep over this because i don't
think that that's well understood
and it certainly is not an issue that's
perfectly well resolved
yeah well the good news is i think you
know we will continue to answer that
question and
the answer will be a little better
everytime
right
and now it's time for Government
contracting Weekly's
don'ts and do's
today our issue is critical
that of cyber security and i'm glad
to have with me today, Dan Marsh of AOC Key
Solutions
he has an english accent so i hope
it's not gonna be problematic...
We're going to address now the Don'ts
first of all don't staff your proposal
with people just because they are on your overhead
also
Don't put your
best technical people
on a proposal for the writing
also
don't corral
your best business development and sales
people into an opportunity
when they may not be
technically up to speed on this ever
evolving
dynamic issue
Now for those Do's, over to you Dan
First Do of cyber security
is to stand up an internal center of
excellence... sounds heavy and crazy big
but it doesn't have to be. Even if you are a 
smaller or midsize company you can dedicate
someone to this or a team if you are a large company
the reason for that is
this group or person however big you
are
is there to be your focus point expert
can take them on sales call, they can 
trained staff
they can create a proposal story. They can be the 
proving ground for new ideas
 within your company
and um...
cyber such changing waters you
need someone to stay on top of that at all
times because it's... on track to be
11.3% percent of the total
IT budget in 2015
your really should focus on
so that in mind
you should have a  dedicated team to help
cyber in capture and proposals
as we've discussed, there is no
single cyber award that's gonna come out
It's embedded in all these different
awards
so you need to have
capture people, proposal people who can
go in and help with the capture
of just the cyber piece. Who are experts in the sales message you are  trying to send
and the proposal
they can step in and help craft that proposal piece. 
They can sell cyber to the customer in their
language and understand
the consequences of not having a good
cyber solution... in what your
bidding
and the third thing is
sounds stupid but you've really got to train
your sales staff
and keep them up
to date
when they're meeting with customers they have to have this thought in their mind
It's a big worry
one of the things that keeps their clients up 
at night
if you're sales folks aren't walking in
and susan sitting with the customer and
she's not mentioning cyber being part of
the solution
you customer isn't going to believe them
they're not credible
you have to train your sales staff and keep
them going
so I
recently had a customer
who wanted to stand up a cyber team 
they wanted to sell them they
were too small
to do that on their own 
and they 
really couldn't afford to have
dedicated staff
so the recommendation to him was they
should look outside of the company
to other companies that focus on cyber
wheter thats the capture
BD level
they have expertise
let's put it in an ad hoc basis
and in fact we're now doing that with
larger companies as well that they have
to dedicate teams
but they also run out of the right
experts
it's well known that in the US
we have uh... dearth of CYber experts, cyber IT skills are not out there
so uh... part of the conversation was
they saw the training course
they talked to their young IT people who are
excited about cyber put them through some
training so theyre well positioned for 
growth opportunities that are coming in the next five years.
did you know
that business developers capture
managers proposal managers and program
managers must have different skill sets
to be successful
sorry
buddy clones don't work
for more information contact us at
www.governmentcontracting weekly.com
welcome to our segment where we nterview an
industry leader
this morning i'm delighted to Mike Singer
who's here from quest software
and he's going to be addressing cyber
security
Mike you have extensive experience in 
this so please share with our audience
and some more about yourself. Sure I'd be happy to
and thank you for having me here
uh... i've been fortunate to spend
twenty five years in the information
technology industry working for
companies such as apple computers sun
microsystems, in adobe and currently at
quest software where
l'm vice president of federal
operations
with all that experience you've had Mike, you're in the perfect position to address what are
some of the trends that you seen from
even when you started in the industry to
today
well the changes been phenomenal when
you look at the amount of technology
that's uh... become pervasive in our
market place and not only in the federal
government industry
in every home across america
i think three of the trends that we're
looking at right now in terms of what
the federal government is trying to
accomplish one certainly is about cyber
security and that's a buzzword we hear a
great deal about but i think there's a
lot of confusion about what it means and i think it does mean something
different every to different people yeah
so you have the external threats
which i think we've got a pretty good
deal worked out of closing the door on
and then uh... the international
security in terms of our national
security
and the second piece
is about
protection of data
and that has to do with management of
data
there was an explosion of that over the last
five years in particular
and as a result
how we manage that data and most
importantly how we protect it
is critical
and thirdly is mobility. mobility is
another area whether it be a mobile
phone
a... device like a tablet
it's it's all incremental data
that somehow has to be integrated into
the whole and most importantly protector
so Mike in terms of 
cyber security what are you doing today
differently than perhaps you were doing two
years ago
At Quest, what we are 
doing for the government and what the
government is looking at more importantly is
how to protect the data itself
so external bridges as i said earlier i
think have been pretty much
 block to the extent that it can be
more work will be done
but at the end of the day the most
important thing is to protect this the data
so that question and what we do
is to protect it by allowing
 access only certain people
. to ensure that ... we know who's got
access to the data
 to identify breaches when they
happen to protect against breaches
before they happen and in terms of
mobility has a big issue also absolutely
out the got hot topic today is b_y_ odi
which means bring your own devices
despite the fact that the government and
most private companies would prefer that
everybody's the device that they select
and they know there's construe art
everybody has access to personal devices
as well as business devices correct and
so what the government is now doing is
trying to figure out how to protect that
data
but at the same time allowing people to
BYOD
mike so what we don't want to delve into
the weeds of of technology
from a big picture perspective, what do you see as some of 
the trends and technology
Well there's a number of them and they're constantly
changing it becomes very cyclical depend
upon finding another conditions
but i have to say that virtualization is
one of the big ones the ability to go
from where we were years ago
which was centralized one and then we
went to decentralization
and now we're going back to
centralization. So good 
example of that
another would be data center consolidation
where we're taking many of the data
centers that exist across the country
and consolidating them into
smaller groups
where it becomes less expensive, easier to manage and easier to protect. And were doing it for all
efficiency reasons
absolutely
uh... other areas that were seeing
changes for trends
uh... tend to be in mobility as i said
uh... and how are we going to deal with
that issue and if we were to maximize the
benefits that can come from that
if we do it right
mike over the next few years what
technologies are going to have the most impact
in the whole
data management arena
i would say that the ability to
manage the software
in a way that allows for the maximum
amount of security
is going to determine
what solutions in technology is a
replied
to replace the alternate repeated
systems
so in terms of replacing those systems
an international security
what about the consumers ation of i t
how is that going to impact
not only for the federal government
expected but from the entire contracting
community perspective
i think that uh... what we're looking at
is a trend for smaller
faster deployments
and most importantly worked at it
which means that no longer are you going
to have systems that are set with one
vendor and only one way to solve the
problem
so that agility gives the government
customer the ability
.. to change it as the environment
changes we all know that IT moves
very very quickly
You need to be agile to adapt
then you have to have technology that adapts
with it
and that's i think one of the biggest
 trends that we're going to say
is the ability of whatever technology
with deploy today can be adapted in the future
so agility is key
so Mike something that i always like to ask guests is 
what does keep you up at night? this is
something that is on the top of your
mind that is so pressing as of the
greatest concern to you
i think the issue of security that we've
been talking about here today you've
been struggling with as industry and
government for many years now
is
when do we feel that we are finally
protected
and so what keeps me up at night is the grid.
 the national grid
the national grid and hoping that that
eventuality never comes to be
yeah some of the recent storms will
remind absolutely so the threats out
there
are we protect against that absolutely
can we do better to do more
absolutely and i stay away thinking
about that sometimes but i don't have
better things to do.  well I hope you get your message to our
viewers and thank you
.. for watching the segment and mike
thanks for coming on the show bye bye
you've been watching government
contracting weekly
sponsored each week by ayla seeking
solutions incorporated government
contracting weekly is the only
television program devoted exclusively
to the competitive in titanic world of
government contracting
for additional information comments
questions or suggestions
please write us and w_w_w_ dot
government contracting weekly dot com
artificially este
program focused on the side of security
when we look at what can be the most
valuable for you
the government contractor in terms of
anticipating future documents
both stopped us and a snafu csc and mike
singer
from quest software
davis along insights and tons of issues
such as
social media
and mobility
issues that have great concern for
national security
for this weekend and give you an
opportunity to serve on nation
meanwhile that marcia p solutions
provided some excellent tactical
intractable tapes about
boosting will be detained and being
prepared
establishing a center of excellence he
gave us all the components and what you
can do to be and already
this is a potentially fonz moving and
rapidly evolving issue
so if you have any more on feedback and
suggestions for the show and if you'd
like actually too
see some of those points and dow needed
to help you win
a particular procurement do visit us
online we welcome your suggestions and
thank you for joining us
you've been watching government
contracting weekly
sponsored each week by ncp solutions
incorporated
government contracting weekly is the
only television program devoted
exclusively to the competitive in
dynamic world of government contracting
for additional information comments
questions for suggestions
please write us back
contracting replete dot com
