Did LPTA Open the Door For Greater "As a Service" Adoption?

Sean Kelley, Chief Information Security Officer, Federal Government Agency
324
536
116

A procurement system within the government that is difficult to navigate for both the government customer and industry partners is no surprise to anyone working in the federal ecosystem, but at least one part of the federal government has finally decided it is time for adjustments. Through the enactment of the 2017 The National Defense Authorization Act of 2017 SEC. 892. Selection of Service Providers For Auditing Services and Audit Readiness Services, the changes will see fruition.

“The Department of Defense shall select service providers for auditing services and audit readiness services based on the best value to the Department, as determined by the resource sponsor for an auditing contract, rather than based on the lowest price technically acceptable service provider.”

Low Cost Technically Acceptable (LPTA) has been prevalent in the federal government since 2010. Though LPTA gives the government immediate savings, the long term cost savings/loss is harder to calculate. Are industry partners able to put the best team and deliver the best product/team on the ground? Has a short-term savings really resulted in a longer term loss and potential inferior product to what could have been delivered at best value? Those questions will continue to be debated, but regardless the 2017 NDAA is a breakthrough for both Industry and the government.  

  ​ The sector must employ the latest trends in technology and automation to reduce the expensive head count in the traditional model 

Washington Technology reported in a July 2014 survey of government industry partners that “68 percent said they felt LPTA had a negative to mostly negative impact on their business.” They also reported 89 percent were opposed to the use of LPTA. Is it just about profits? The survey also reported that in the comment sections that “In order to win, we will have to make an additional downward price adjustment and will likely not be able to hire the right talent.” Is it possible to deliver a superior product if you cannot retain the best talent?

Another question that this discussion raises is if the last seven years of LPTA has opened the door for a wider adoption of “As a Service” offering where the government will just choose a piece of or all of their operations to be managed by a third party? Cloud’s Adoption and Managed Services are being actively (slowly) adopted in the federal government, but could desktop services, infrastructure and security be 100 percent outsourced to a trusted partner in the near future? The answer is yes.  

In the summer of 2016, McKinsey forecasted that by 2019, the IT Sector will move from a build-IT posture to a consume- IT posture. Most in house IT professionals believe they can do it better than anyone else, but this is simply not true. With shrinking budgets and a limited talent pool, there is no possible way for in house to compete with an IT provider that can scale their operations across many customers in a standardized with proper configurations thus enabling automation across the enterprise. Some statistics from the McKinsey Survey of 800.

• Public-based IaaS is also expected to increase from 25 percent in 2015 to 37 percent in 2018.
• In 2015, 77 percent of enterprises that used traditionally built IT infrastructure as the primary environment for at least one workload will drop to 43 percent by 2018.
• The most staggering statistic from McKinsey is that Enterprises’ adoption of IaaS as the primary environment for workloads will jump from 10 percent in 2015 to 51 percent in 2018.

We have now entered a phase that services and statement of work needs to be coupled with the latest technologies to reduce the costs of services. The sector must employ the latest trends in technology and automation to reduce the expensive head count in the traditional model. This is a huge paradigm shift. Historically, these have been procured separately. Technology products have a separate evaluation process and approval process than contracting staff go through to get access to government networks and data. Additionally, industry services suppliers and government leaders will need to adjust thinking from a head count model to an actual service delivery model with metrics that support a service level agreement. This could be a hard adjustment for both industry and government.

Consider the example of an organization normally employing 20 people to run their 24x7 Security Operations Center (SOC) and Incident Response (IR) to support the organization. What if through the latest technology, that SOC and IR staff could be reduced to 6-8 staff members when coupled with the right technology that can zero in on the traffic and incidents that require human intervention? The technology exists and will only become more sophisticated in the next few years. In the security arena, the SOC is a perfect managed service. An organization can create SLAs and metrics to measure the performance and reduce their cost to invest in other areas of the organization. Adoption in the federal sector will take a bit longer than the private sector, but this trend is coming soon.

This new posture could be especially attractive to the Value-added reseller (VAR). The VARs could be a disruptor in the marketplace. The VAR has the relations and the acquisition vehicle to bring best of breed product and technology with preferred pricing to the table and already has staff on hand for deployment. Since their deployment services are already based on a service and not a head count, they could easily expand this to managed services. This may be a more difficult adjustment for the IT Services industry where the business model is based on a margin on each employee that is providing services to the customer. Additionally, most IT Services providers don’t have the established relationships with technology providers. There are many factors that will encourage this disruption but there is also a great deal of unknowns that could take the community in a different direction. It is universally agreed on that changes are coming.

These changes will include greater adoption of cloud and “As a Service” offerings. The adoption rate of Cloud and “As a Service” offerings will continue to grow. We are seeing the changes but the acceleration of the adoption will only increase as budgets become tighter and tighter. Organizations both private and public will be forced to release control and turn pieces of their operations over to a managed service provider to dedicate resources to other efforts. Organizations that resist this trend will face public scrutiny (public sector) or face obsolescence (private sector). These changes can be a real enabler to great innovation because the in house staff can focus on innovation that will allow greater services and better offerings to their respective customer base.

Read Also

ISR Analytics: Challenges for IT, Implications for Big Data, and Opportunities for IoT

ISR Analytics: Challenges for IT, Implications for Big Data, and Opportunities for IoT

Ravi Ravichandran, Ph.D., Director, BAE Systems Technology Solutions
Are we at war?

Are we at war?

Barry Barlow, Chief Technology Officer, Vencore, Inc.
Protecting the Defense Industrial Base from Cyber-attack

Protecting the Defense Industrial Base from Cyber-attack

Ted Bujewski, Associate Director, Office of Small Business Programs Department of Defense