The Air Force’s upcoming IT contract, the Small Business Enterprise Applications Solutions (SBEAS) is a bunker buster of an IDIQ — a small business set-aside with a really big price tag: $13.4B. The SBEAS final RFP is expected to hit the streets by the end of this month, September.

And not a moment too soon. America needs to modernize its IT security systems and enhance its cyber arsenal, big time.

Moscow’s Cyberczar – Rigging Western Elections?

An Ongoing Threat and an Urgent Need

The Ruskies are hacking and possibly hijacking our elections, and cyberattacking America’s NATO allies and other democracies worldwide.

Meanwhile, even the most advanced US-developed weaponized malware has, so far, proven itself incapable of defanging those nuke-wielding Axis of Evil stalwarts, Iran and North Korea.

Defending America’s Cyberspace

Into the breech charges the US Air Force, which has been tasked with manning the cyber-realm’s front lines. And to help them meet this formidable challenge, they turn to small, sometimes highly specialized enterprises capable of developing and countering advanced software and “softwarfare” weaponry capabilities that can protect our cyber turf and, if needs be, “neutralize” enemy threats.

Essentially SBEAS is a rebid of NETCENTS II (NC2) whose contractors include: Datum Software, Diligent Software, Diversified Technical Services, DSD Labs, Digital Management, Excellus Solutions, Exeter Government Solutions, Indrasoft, Segue Technologies, SI Systems Technologies, Array Information, and Technology Actionet. They or their replacements will have their work cut out for them.

Know Your Enemy! – Eugene Kaspersky, a graduate of the KGB’s elite crypto school, an advisor to Soviet military Intel, and computer mastermind, is thought to be the brains behind Kremlin’s dangerous cyber capers.

Big Ticket – Big Challenge on SBEAS

SBEAS’s requirements are as wide ranging and challenging as the 11-figure contract’s price tag is hefty.

This is a cyber security contract, for starters, calling for “… Experience integrating DoD and/or National Institute of Standards and Technology (NIST) Information Assurance/Cybersecurity concepts, practices, and procedures for an IS within the network environment.” And oh so much more…. SBEAS includes the comprehensive suite of IT services and IT solutions to support IT systems and software development in a variety of environments and infrastructures. Also additional IT services including: documentation, operations, deployment, cybersecurity, configuration management, training, commercial off-the-shelf (COTS) product management and utilization, technology refresh, data and information services, information display services and business analysis for IT programs.

Here is a list of what bidders are required to show mastery of:

  1. Life-cycle Software Services – Developing/ Implementation, Re-Engineering, Cloud Migration, Modernization, COTS SW and Enterprise Resource Planning [ERP] Systems.
  2. Cybersecurity – Vulnerability assessments and compliance with IA/Cybersecurity concepts, practices and procedures.
  3. Information Technology [IT] – Business Analysis, Requirements Analysis, Testing, Validation and Verification, Service /Help Desks, FBAE as a Life-cycle Software service.
  4. Programming Languages – Java, COBOL, PowerBuilder, .NET, ColdFusion or C, JavaScript, Perl, SQL, PYTHON or PHP Experience, Life-cycle Software Service experience using SWIFT, Ruby On Rails, JavaScript MV Frameworks, or Spark.
  5. Tools /Development Methodology – Security, Quality, Testing, Life cycle Methodologies.
  6. Platforms / Environments – Commercial, non-commercial and/or hybrid cloud, Defense Information Systems Agency [DISA] Enterprise Computing Center [DECC] or Air Force [AF] Computing facilities, DOD and non-DOD, facilities, etc.
  7. Database Components — Oracle, SQL Server, DB2, SyBase, Postgresql, MarialDB, JasperSoft, or MYSQL; NoSQL database to include: Postgresql, Cassandra, MongoDB, Hadoop, Spark, or Couch; RDBMS or NoSQL.
  8. Mobile/Internet of Things (IOT)Mobile Application Development — Apple iPhone Operating System (IOS), Windows or Android.
  9. Server Operating Systems: Windows Server, Red Hat enterprise Linux, SUSE, or UBUNTU.
  10. COTS Product Support: Familiarity with and the ability to use/modify presently used, serviceable products, systems and solutions.

How to Win a Piece of This

 A review of the (extensive) presol material reveals the following:

  1. An emphasis on risk aversion;
  2. Ability to innovate and incorporate innovations continuously;
  3. Ability to stay ahead of the curve and anticipate what our enemies are going to throw at us. And –
  4. Expertise/experience, not best price, is what evaluators will be expecting, and basing their decisions on.

The Air Force anticipates making 40 awards. Four Zero! Bidding and winning will not be a piece of cake. The proposals will be evaluated on the following:

Factor 1: Technical Experience

Factor 2: Past Performance

Sub-Factor 1: Life-cycle Software Services

Sub-Factor 2: Cybersecurity

Sub-Factor 3: Information Technology Business Analysis

A self-assessment questionnaire is part of the package. Offerors must evaluate themselves in the following areas:

  1. Life-Cycle Software Services – Max Points 1400
  2. Cybersecurity (formerly Information Assurance) – Max Points 800
  3. IT Business Analysis – Max Points 700
  4. Programming Languages/Frameworks – Max Points 700
  5. Tools/Software Development Methodology – Max Points 600
  6. Platforms/Environments – Max Points 500
  7. Database Components – Max Points 500
  8. Mobile/Internet of Things (IoT) – Max Points 300
  9. Server Operating Systems – Max Points 300
  10. COTS/GOTS/FOSS Software – Max Points 200

Out of a possible total of 6000 points, bidders must, at minimum, score 4200. A cross reference matrix linked to the past performance write ups (six required) should be included with the submission.

Primary NAICS Code 541511
Custom Computer Programming Services
Size Standard: $27.5 million annual receipts

 

Bidders have to get right to the point; no beating around the bush. The draft RFP allows only 20 pages to discuss the offeror’s technical capabilities. Additionally, similar IT-related contracts are emphasizing application of Agile Methodologies and DevOps Techniques. Please be advised — More than just buzz words, these managerial approaches are the SOP way USG/DOD wants contracting efforts managed. Conventional “waterfall” approaches are a thing of the past. You are warned …..

Short of proposal talent to score the winning points? Reach out here!