The former CIO of the US federal government says companies looking to nab IT contracts with agencies need to bring more than just a sales pitch.
Tony Scott, who worked as Uncle Sam's CIO from 2015 to 2017, says that the key to getting any agency contract these days is to not only explain why your company is best for the job, but present a plan for how everything will be implemented and done in line with government requirements.
In particular, he noted that many companies who came to him with pitches could not tell him their plan to implement it and what consulting house would be partnering to make sure federal guidelines and requirements were being met.
Pentagon 'do not buy' list says нет to Russia, 不要 to Chinese codeREAD MORE
"I would tell companies you had marketing, but no implementation plan," Scott said of his time as CIO. "You didn't bring in the right partners to the table, you had no insertion strategy."
Meanwhile, government agencies should get comfortable with the idea of adapting commercial products and services for their particular IT needs.
Scott, who we should note was speaking at the behest of FireEye for its 2018 Cyber Defense Summit in Washington DC, opines that government agencies need to get off the idea of building their own solutions and instead look to go with aftermarket systems.
This is because purpose-built IT systems are particularly difficult to update and maintain under the government funding structure, whereas commercial software is constantly upgraded by the vendor.
"We found that a well meaning technologist at every point in the last 30 to 40 years, when given money to put in a new system went out to find the best technology they could find at that particular moment in time," Scott explained.
"They would buy it and develop custom software built on that platform, then after a while that program didn't get any more startup funding, we forever cement in time a platform."
24-hour non-party people
Meanwhile, FireEye honcho Kevin Mandia made his case for why companies should pick FireEye for their threat intel needs: Mainly, it's because the company is staffed by confirmed workaholics who don't know the meaning of the phrase "off the clock".
"I can call any of my employees on a Sunday night and expect them to answer," boasted Mandia, who also claims to have slept at customer co-location sites on some 50 or so occasions (he notes the powerful air conditioners and abundant white noise make for a pleasant slumber.)
"I know there is a younger generation that believes in work-life balance, I know I should support that, but at FireEye we do things different."
Yet, Mandia seemed genuinely puzzled when presented with the ongoing manpower shortage in the information security space. The FireEye boss posited that there is not yet a good way for smaller companies to have a robust security infrastructure with larger firms snapping up all the qualified professionals.
"I don't have a good answer here. They don't have the people, they don't have the resources," said Mandia. "A good threat actor, if they want to break into your organization is going to be successful."
But at least you'll have FireEye to call on a Sunday night when it happens. ®