Upcoming events

Follow Us

Upcoming events

Featured members


Log in

Log In

<< First  < Prev   1   2   3   Next >  Last >> 
  • 04 Aug 2021 11:12 AM | Kenn Rivers (Administrator)

    All businesses need capital to succeed and there are many sources for business funding. Traditionally, businesses owners turn to banks which are great sources of capital if you meet their requirements and restrictions. Unfortunately, banks seem to favor businesses that do not need money, which is good to know. The best time to develop your banking relationships is when you do not need funding and before you have an emergent need.

    JOIN CFO Richard Brooks, GCA to learn more 8 Sep 2021

    Virtual Lunch & Learn 

    "REGISTER HERE"

    Many business owners self-fund their businesses with savings and credit cards. Some use retirement savings betting on themselves but possibly putting their retirement in jeopardy. Oftentimes a business owner may have their personal and business finances so intertwined that, if their business experiences any financial difficulty, their personal credit begins to suffer. It then becomes difficult for them to get mortgages and personal car loans.

    There are other funding sources, but they can all present challenges for a business owner.

    Funding Source

    • Banks
    • Credit Cards
    • Personal Loan
    • Factoring/Receivables Financing
    • Friends/Family
    • Hard Money

    Challenges

    • Traditional (tough to get funding)
    • Limited usage
    • Needs strong credit score
    • Only available after invoiced
    • Can lose their relationships
    • Requires hard assets for collateral

    When it comes to contracting, many subcontractors could become prime contractors with the right funding support behind them. Many contractors could pursue more contracts if they had the money to get new contracts started. With this in mind, GovBridge Capital, Inc (GBC) was started to offer Mobilization Funding, a funding solution customized for government contractors.

    Mobilization Funding is early stage funding for the startup of you contract. GBC’s Mobilization Funding can be used for project specific payroll, supplies, travel, insurance and other project related expenses. The funding is short-term and is intended to help the contractor get started and stabilized until project payments can sustain the ongoing effort. Each loan is customized to fit the needs of the contractor.

  • 23 Jul 2021 9:45 AM | Kenn Rivers (Administrator)

    “CONGRATULATIONS to Annette Washington” who just received a $5,000 Scholarship to attend our Certified Capture Managers Course https://www.capturemanagement.org this course teaches you everything from A-Z about bidding & winning business in the Government Marketplace. This course also includes our proprietary Govfast Track Software to help walk you through the process…

    I want to thank those that attended training last night we had several new attendees from Eventbrite and watched one of our members receive a local Government Contractors Association Myra Cisse Memorial Training Scholarship.

    Annette is an Army Veteran and business owner who has been an entrepreneur for over a decade. Annette’s business is “AG Washington Web” which is a full service Integrated Digital Marketing Company located in Renton, WA. I really look forward to helping Annette understand the process of winning contracts in the Government Market.

    Please visit AG Washington Web https://Iybs-local.com for ALL your Digital Marketing or Website development needs.

    In February or March 2022 timeframe we will have another Memorial Scholarship Give-away for the next Certified Capture Managers Course, if you would like to know more and start the application process, please contact Brenna Johnson GCA-NW Member Services.

    You could be our next Myra Cisse Training Scholarship Winner!


    Kenn Rivers
    GovAssociation NW
    Member Services


    Add Comment

  • 15 Jul 2021 11:52 AM | Anonymous

    A new IBM (NYSE: IBM) study says government information technology leaders said they expect agencies to make cybersecurity spending a priority for fiscal year 2022 amid the recent cyberattacks.

    IBM said Thursday it commissioned Morning Consult to survey more than 500 current and former U.S. government IT decision makers in June and found that more than 75 percent of respondents said moving data to the cloud is a challenge.

    Nearly 70 percent of respondents said they consider security risks as the top barrier to cloud migration. The survey also showed that security outweighs cost reduction by nearly twofold as the reason for advancing IT modernization.

    “With the President’s executive orders, the U.S. Federal market is facing a massive transformation to its cybersecurity strategy which requires a great deal of technological modernization. While this is a priority for government IT decisions makers, our survey found that they view security as both a driver and barrier to modernization,” said Howard Boville, head of IBM Cloud Platform.

    The Government Index for IT Modernization report showed that between 64 percent and 82 percent of respondents said they believe their current or former agencies are somewhat or very prepared for ransomware and other cyberattacks. However, over 40 percent of IT decision makers said they think agencies will need at least three years to comply with the president’s executive order on encryption and zero trust.

    The survey also found that 46 percent of respondents said they consider security as a primary concern that restricts them from working with third-party vendors.

    Fifty percent of government IT leaders said their agencies are using a combination of security tools for cloud and on-premise threats.

    “Enterprise technology providers are stewards of massive volumes of personal data, and we need to do our utmost to protect this data. A public and private sector partnership that adopts an open and secured hybrid cloud architecture with sophisticated security capabilities can help agencies ensure that data truly remains theirs, even in a multi-cloud environment,” Boville added...


  • 09 Jul 2021 3:39 PM | Kenn Rivers (Administrator)

    How Would You Like The Government as Your #1 Customer?

    "GCA Members get a 50% Discount on this phenomenal video course"

    http://winlucrativegovernmentcontracts.com

    FACT: Let's face it, the government has money! Starting now, the government is increasing contract opportunities with small businesses to help stimulate the economy in the midst of COVID-19 recovery, regardless of administration this will extend for the next few years! - "Are You Ready?"

    Add comment

  • 30 Jun 2021 9:34 AM | Kenn Rivers (Administrator)

     Cybercrime is exploding!! What are you doing to protect your company.

    IN 2020, There were over 300 MILLION ransomware attacks and a total of over 1 BILLION malware attacks of some sort. ARE YOU READY?

    As many as 60% of small businesses close after experiencing a data breach.

    So, what is the answer? Having a secure cyber environment.

    (What is NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) and how to prepare for it.)

    The New CMMC Requirement will impact every government contractor. If you are an existing prime contractor, a subcontractor or brand new to the government market, you will be required to implement the CMMC standards at some point. If you don’t have it in place, you may not be able to bid on most DoD projects and eventually any government contract.

    Even if you are not a DoD or government contractor yet, you still need to have a secure Cyber Environment!!!

    Join us Wednesday, July 14th to learn what is CMMC and how you can prepare to implement the standards for your organization.

    What you will learn:

    • What is NIST 800-171 and CMMC or Cybersecurity Maturity Model Certification
    • Does my business need to get certified
    • What is the assessment process
    • What deficiencies are companies seeing during pre-assessments
    • Is there a way to insure your company if we are attacked
    • How to leverage this program to help you win more contracts
    • Why CMMC may be the most important certification you will ever earn
    • What happens if your company fails the certification assessment
    • How often does my company need be recertified
    • Will we lose our certification if a hacker breaches security
    • Where can I get help to implement CMMC
    • When will I need to have CMMC in place
    • What happens if a company fails its certification assessment
    • What is your next step

    What: The most important change in regulations for government contractors in decades!

    Where: Virtual (Zoom-below)

    When: Wednesday, July 14th

    Time: 12:00-1:30pm EDT/ 9:00am-10:30am PST

    Cost: FREE

    Want to join GCA? Click here: http://www.govassociationnw.org/join

    Who Should Attend:

    - Those wanting to continue, or start, doing business with the Federal Government

    - Any business owner looking to learn how cybersecurity and CMMC will affect their business

    - All members of Government Contractors Association

    - Any business owner or business development leader looking take advantage of this new certification

    - Any established business looking to expand their network and netWORTH


    Join Zoom Meeting - signup here

    https://govassociationnw.org/events

    To Learn More- https://www.govassociationnw.org/cmmc 

    One tap mobile

    +12532158782,,91447449654# US (Tacoma)

    +13462487799,,91447449654# US (Houston)

  • 25 Jun 2021 6:11 AM | Kenn Rivers (Administrator)

    Ask for a Demo Today!

    WHAT IF THERE IS A FASTER WAY TO WINNING GOVERNMENT CONTRACTS?

     

    The truth is, there is nothing fast about the government contracting market.  On average, it takes 36 months for a business to lay a foundation in the government market.  What if you had a "Fast Track" process to help you navigate through the government contracting maze so you can win government contracts?  What if you could cut the average time from 36 months down to 12 or even 6 months?

     

    That's exactly what we've done here.  We've invested over 10,000 hours of research and development to put together a software program that includes virtually everything you could imagine.  We call it "GOV FAST TRACK".  What would have taken you years to discover and learn is now available in a simple and easy to use platform. Now you can win government contracts the fast way.

    LEARN MORE=> GovAssociation NW - Fast Track Software

    Add Comment

  • 09 Jun 2021 11:11 AM | Kenn Rivers (Administrator)

    The Biden administration has announced a new initiative of "increasing the share of contracts going to small disadvantaged businesses by 50 percent by 2026 - translating to an additional $100 billion to small disadvantaged businesses (SDBs) over the 5 year period."  These plans were announced on June 1, 2021, the 100 year anniversary of the Black Wall Street massacre in Tulsa, Ok.  The increase in set-aside contracting is one part of a platform of steps the administration is taking to address the racial wealth gap by providing additional opportunities to small minority businesses.  Click here for full details


    What does this mean for you as a contractor?

    The Biden administration is "launching an all-of-government effort to expand contracting opportunities for underserved small businesses across the country." Contractors need to begin positioning themselves for the new or increased opportunities.

     It is time to work on your small business certifications. These will be important to qualify for any new set-aside contracts.  There will surely be new opportunities made part of the 8(a) BD program, but there may be opportunities for companies with other small business certifications through partnerships and subcontracting. 8(a) firms may want to expand their capabilities through new partnerships.  Non-8(a) firms should consider more Mentor-Protege relationships with 8(a) firms.

    Your preparation should continue beyond relationships. Consider getting CMMC certified if you plan to target DOD contracts. Will you need additional funding for potentially larger contracts? Do you need additional bonding capacity? Learn new Capture Management strategies. Monitor any announcements from various federal agencies announcing new contracting opportunities as a result of this new initiative.  Happy hunting!

    Add Comment


  • 02 Jun 2021 9:54 AM | Kenn Rivers (Administrator)

     

    The Department of Transportation is another familiar department.  It establishes the nation’s transportation policy.  The Department of Transportation oversees aviation, highways, mass transit, railroads, ports, pipelines and more.  

    There are 12 key agencies that support the DOT in its mission to oversee the movement of products and people across the United States. There is a separate agency that handles each of the modes of transportation.  The Federal Aviation Administration (FAA) handles aviation; the Federal Highway Administration is responsible for highways; the Federal Transit Administration monitors all public transit systems; the Federal Railroad Administration is in charge of railroads; the Pipeline and Hazardous Materials Safety Administration is responsible for pipelines; and the Maritime Administration promotes the seamless integration of waterborne transportation with other segments of the transportation system.

    Although the responsibilities of the aforementioned agencies appear obvious, some agencies are charged with much broader tasks.  The Maritime Administration for example works in a wide array of areas involving ships, shipping, shipbuilding, ship disposal, port and vessel operations, and national security.  The agency maintains a fleet of cargo ships in reserve in cases of war and national emergencies and also maintains the viability of the U.S merchant marine.  The Maritime Administration also administers the America’s Marine Highway program and is responsible for the 25,000+ miles of coastal, intercostal and inland waterways.  If you are in the transportation industry and can make use of these underutilized Marine Highways, there may be federal grant money available for you.  Check out this link http://edocket.access.gpo.gov/2010/pdf/2010-20013.pdf  for details on the America’s Marine Highway Grant Notice of Funds Availability.

    Other key agencies of the Department of Transportation are the Bureau of Transportation Statistics - a statistical agency that administers data collection, analysis and reporting and ensures the most cost effective use of transportation monitoring resources; the National Highway Traffic Safety Administration - that directs highway safety programs; the Federal Motor Carrier Safety Administration - who’s primary mission is to prevent commercial motor vehicle related fatalities and injuries;  the Research and Innovative Technology Administration - charged with deploying cutting edge technologies to improve the nation’s transportation systems; the Surface Transportation Board - an economic regulatory agency charged by Congress with resolving railroad rate and service disputes; and Saint Lawrence Seaway Development Corporation - that operates constructs and maintains that part of the St Lawrence  Seaway between Port of Montreal, Canada and Lake Erie that lies within the US.  

    Most people only of the usual planes, trains and automobiles when they think of DOT contracting opportunities.  They don’t realize that research companies that are pioneering cars that drive themselves or cars that hover and fly have a place in the DOT in the Research and Innovative Technology Administration.  Nor do they think about the arbitrators and mediators who settle disputes in the Surface Transportation Board.

    So whether you are a trucker, a pilot, a merchant marine or a railway engineer, the Department of Transportation has got you covered.  And if your business supports these folks or the adjacent industries, there are probably contracting opportunities awaiting you at the DOT.


    Add Comment


  • 24 May 2021 11:33 AM | Kenn Rivers (Administrator)

    The Colonial Pipeline cyberattack was a ransomware attack. It was a financially driven cybercrime and unfortunately, it happens all too often. Our Nation is extremely bright and at the top of technology and security, yet we still see so many successful cyber-attacks. Businesses of all sizes are suffering cyber threats and cybercrime daily.

    When we heard about SolarWinds cyberattack late last year, some of us may have nodded our heads acknowledging the importance of cybersecurity but the Colonial Pipeline attack is a really big wake-up call to small and big businesses, alike. Cyber Resiliency starts with good control of our security posture. It's about giving priority to the digital systems we utilize to run our operations or deliver our services. It is about investing in a risk mitigation plan and having a buttoned-up security posture and cyber-incident response suited for our businesses to mitigate our vulnerabilities and protect our assets. A very big part of achieving cyber resiliency is cyber awareness training.

    We need to protect our business from cyberattacks, and if breached, our company needs to survive a devastating cyberattack with minimal disruption or detrimental financial consequences. Cyberattacks are the single largest risk to our business today. This year alone, businesses have experienced an eye-opening 80% increase in cyberattacks with Ransomware attacks up 148% and phishing attacks up 600%. The odds that our business is the next target in a cyberattack have never been higher. For this reason, many businesses are seeking an additional layer of protection in the form of Cybersecurity & Cyber Liability Insurance.

    Small businesses, DoD contractors and private contractors are particularly vulnerable because many of them do not have the necessary resources to have buttoned up cybersecurity posture and hire full-time cybersecurity experts. It’s no surprise that small businesses comprise half to three-quarters of all ransomware victims. And when these businesses do become targets, it can have devastating and permanent impacts, forcing some to close their doors permanently.

    The good news is that DoD and Government Contractors don’t have to implement cybersecurity requirements alone and there are affordable solutions for every budget. That is why the Department of Defense has laid out security measures to help businesses to understand their responsibility and respond to a cyberattack with more preparedness. The Cybersecurity Maturity Model Certification identifies the level of security you need as a small business and as a Federal Contractor.

    In the past, vendors were able to self-certify that they were meeting the security requirements of NIST 800-171. Unfortunately, this isn't working out very well and some vulnerabilities could easily be avoided. There is no doubt that cybercrime has been increasing rapidly and we need to protect our businesses as one Nation. The DoD has a very secure cyber environment, so hackers are constantly trying to hack into vendors, such as SolarWinds cyberattack, and then swim upstream to all the networks that are connected to the vendor, including DoD. In the previous contracting model, the DoD focused on four areas: *cost *schedule *performance, and *cybersecurity. Since cybersecurity needs to be buttoned up top to down with minimal vulnerability, the DoD has switched the focus to building a foundation on cybersecurity.

    Having a CMMC not only shows that you are building a cyber secure culture as you serve the government, but it also gives you the best opportunity to go to the front of the line for DoD contracts. Anybody who is not certified is not even allowed to bid on the DoD contracts. This will put you way ahead of the pack and give you the best opportunity to increase your profitability in the government space. Cybersecurity and building cyber resiliency are not a 'one and done' model but rather a foundation that our government is teaching us to give importance to. By having the certification for your level, building a buttoned-up cybersecurity posture, and having cyber insurance to protect you financially if you face cyber threats, you are helping your own business to get more contracts and have a cyber secure and financially promising future!

    Add Comment


  • 23 Apr 2021 8:21 AM | Kenn Rivers (Administrator)

    As you embark on the CMMC journey and prepare to learn more about the certification process and apply to be certified as a federal contractor, you will come across many acronyms. Some of these acronyms play a major role as you become CMMC certified. It would definitely be worth to have a quick reference page as you move forward and get your pre-assessment started.

    The following glossary is adapted from the DOD’s CMMC 1.0 Appendices as well as CMMCAB.ORG and republished here as a service to our readers and clients looking into getting pre-assessment for CMMC Compliance and prepare for the assessment. CMMC definitions will be the standard for use of terms by CMMC Auditors. We also hope this will help you and your team speak the same language.

    CMMC ACRONYMS & DEFINITION

    C3PAO - CMMC Third-Party Assessors Organization

    Organization authorized to manage the assessment process and enter into a contract to deliver CMMC assessments with assessed organization and certified CMMC assessors.

    CCA/CCP - Certified CMMC Assessors/Professionals

    Credentialed Individuals are authorized to deliver assessments, training, and consulting.

    CUI - Controlled Unclassified Information

    Information that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and government-wide policies, excluding information that is classified under Executive Order.

    CDI - Covered Defense Information

    Term used to identify information that requires protection under DFARS Clause.

    Unclassified controlled technical information (CTI) or other information, as described in the CUI Registry, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government wide policies and is:

    *Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of, DoD in support of the performance of the contract, OR

    *Collected, developed, received, transmitted, used, or stored by, or on behalf of, the contractor in support of the performance of the contract.

    Cybersecurity

    Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.

    Defense Industrial Base (DIB)

    The worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements.

    Domain

    Domains are sets of capabilities that are based on cybersecurity best practices. There are 17 domains within CMMC. Each domain is assessed for practice and process maturity across five defined levels.

    Encryption

    The process of changing plaintext into cipher text.

    Encryption Policies

    Policies that manage the use, storage, disposal, and protection of cryptographic keys used to protect organization data and communications.

    FCI - Federal Contract Information

    Federal contract information means information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public Web sites) or simple transactional information, such as necessary to process payments.

    Firewall

    A device or program that controls the flow of network traffic between networks or hosts that employ differing security postures.

    ICAM - Identity, Credential, and Access Management

    Programs, processes, technologies, and personnel used to create trusted digital identity representations of individuals and non-person entities (NPEs), bind those identities to credentials that may serve as a proxy for the individual or NPE in access transactions, and leverage the credentials to provide authorized access to an organizations’ resources.

    Insider Threat

    The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the organization or the United States. This threat can include damage to the

    United States through espionage, terrorism, unauthorized disclosure, or through the loss or degradation of departmental resources or capabilities.

    LPP - Licensed Partner Publisher The CMMC-AB LPP program is designed for publishers of educational courses and content who wish to sell such content to education organizations such as universities, online schools or professional schools or direct to consumer. Listed as a LPP on the CMMC-AB website.

    LTP - Licensed Training Providers The CMMC-AB LTP program is designed for providers of education and training services such as colleges, universities, online schools, professional schools, internal corporate training departments, or any direct-to-consumer learning providers. Delivers certified training to students using approved curriculum developed by LPPs. Listed as a Licensed Training Provider on the CMMC-AB Marketplace.

    Maturity Model

    A maturity model is a set of characteristics, attributes, or indicators that represent progression in a particular domain. A maturity model allows an organization or industry to have its practices, processes, and methods evaluated against a clear set of requirements (such as activities or processes) that define specific maturity levels. At any given maturity level, an organization is expected to exhibit the capabilities of that level. A tool that helps assess the current effectiveness of an organization and supports determining what capabilities they need in order to obtain the next level of maturity in order to continue progression up the levels of the model.

    MFA - Multifactor Authentication

    Authentication using two or more different factors to achieve authentication. Factors include something you know (e.g., PIN, password); something you have (e.g., cryptographic identification device, token); or something you are (e.g., biometric).

    OSC - Organization Seeking Certification

    The company that is going through the CMMC assessment process to receive a level of certification for a given environment. The certificate allows organization to bid on DoD contracts up to the identified Maturity level.

    Patch

    An update to an operating system, application, or other software issued specifically to correct particular problems with the software.

    PII - Personally Identifiable Information

    Information which can be used to distinguish or trace the identity of an individual (e.g., name, social security number, biometric records) alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual (e.g., date and place of birth, mother’s maiden name).

    Risk Assessment

    The process of identifying risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of a system.

    Risk Management

    The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation.

    Risk Mitigation

    Prioritizing, evaluating, and implementing the appropriate risk-reducing controls/countermeasures recommended from the risk management process.

    RP/RPO - Registered Provider/Organization

    Authorized to represent the organization as familiar with the basic constructs of the CMMC Standard with a CMMC-AB provided logo.

    The RPOs and RPs in the CMMC ecosystem provide advice, consulting, and recommendations to their clients. They are the “implementers” and consultants, but do not conduct Certified CMMC Assessments. Any references to “non-certified” services are only referring to the fact that an RPO is not authorized to conduct a certified CMMC assessment.

    SOC - Security Operations Center

    A centralized function within an organization utilizing people, processes, and technologies to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.

    SCRM - Supply Chain Risk Management

    A systematic process for managing supply chain risk by identifying susceptibilities, vulnerabilities, and threats throughout the supply chain and developing mitigation strategies to combat those threats whether presented by the supplier, the supplied product and its subcomponents, or the supply chain (e.g., initial production, packaging, handling, storage, transport, mission operation, and disposal).

    Standards

    A document, established by consensus and approved by a recognized body, that provides for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context.

    Threat

    Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other

    organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

    Unauthorized Access

    Any access that violates the stated security policy.

    User

    Individual, or (system) process acting on behalf of an individual, authorized to access an information system.

    Vulnerability Assessment

    Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.

    Tool Learn More & where / how we can help:

    GovAssociation NW - Cybersecurity Maturity Model Certification (CMMC)


    Add Comment

<< First  < Prev   1   2   3   Next >  Last >> 




Powered by Wild Apricot Membership Software