The United States Department of State has issued a Request for Proposals (RFP) for its multibillion-dollar “Evolve” acquisition programme to modernise American diplomatic technology. The programme’s goals include using emerging technologies, cybersecurity, data analysis, climate and health innovations and workforce accessibility.
Evolve is a crucial component of the U.S. agenda to build a State Department that is ready to operate securely in the twenty-first century. IT Management, Network and Telecommunications, Cloud and Data Centre, Application Development and Customer and End User Support are part of the scope. The total contract acquisition ceiling is expected to cost US$10 billion.
The revitalisation programme will allow the Department to acquire technology services from companies with a successful track record while advancing modern U.S. diplomatic goals. Multiple-award, Indefinite Delivery, Indefinite Quantity (IDIQ) contracts with a seven-year performance period will be used to purchase Evolve technology services.
The IT refreshment initiative promotes expanded opportunities for small and disadvantaged businesses through set-asides, small business participation goals, and the inclusion of pass/fail small business commitment requirements for all significant business offerors. In addition, existing I.T. services provided to the Department under the 8(a) programme will be exempt from the Evolve programme, ensuring that those opportunities remain available to small businesses.
Modernisation has emerged as a priority for the United States government. Previously, the U.S. General Services Administration (GSA) built a significant digital modernisation effort with a design-led approach, leveraging existing talent and data. GSA’s Office modernisation efforts were undertaken in response to Executive Board and Digital Council requests for a team to catalogue, evaluate, and push customer-centred changes to all GSA’s digital products.
Using a design-led approach, the agency assembles a team of experts in critical areas, including service design, policy, human capital, and engineering, as well as a collaborative mindset. While attempting to bring in more talented individuals, the agency drew from its existing talent pool and cross-trained each other by working on projects.
Moreover, cybersecurity has become one of the country’s top priorities as more activities rely on the internet. The G7 Cyber Expert Group (CEG) recently issued two reports to help financial sector entities better understand cybersecurity topics such as ransomware and third-party risk.
This document aims to help financial institutions, both public and private, with their internal ransomware mitigation efforts. The report summarises the G7’s current policy approaches, industry guidance, and best practices. Furthermore, the G7 jurisdictions’ collaboration in producing this report emphasises global efforts to promote financial sector resilience.
The CEG also released an updated version of a 2018 report titled The Fundamental Elements of Third-Party Risk Management in the Financial Sector. The G7 CEG deemed this revision necessary to keep up with the ever-changing cyber threat landscape due to financial institutions’ increasing reliance on service providers in central operational functions and the resulting vulnerabilities. The update contains explicit recommendations for tracking supply chain risks, identifying systemically important third-party providers, and identifying concentration risks.
The United States Administration has made a similar effort to strengthen the nation’s cyber defences. The Administration has developed a comprehensive cybersecurity strategy and is taking aggressive measures to enhance and maintain the nation’s cyber security. As a result, the White House recently released a fact sheet on improving national cybersecurity, which details numerous advancements in this area.
The Administration has worked closely with critical industries like transportation, finance, water, and healthcare to help stakeholders understand cyber threats to critical infrastructure and implement minimal cybersecurity requirements.
This includes the Transportation Security Administration’s (TSA) implementation of a slew of performance-based directives aimed at improving cybersecurity resilience in the pipeline and rail sectors and a measure of cyber requirements for the aviation industry.