Upcoming events

Follow Us

Upcoming events

Featured members

Menu
Log in


Log in

Log In

  • 30 Jun 2021 9:34 AM | Kenn Rivers (Administrator)

     Cybercrime is exploding!! What are you doing to protect your company.

    IN 2020, There were over 300 MILLION ransomware attacks and a total of over 1 BILLION malware attacks of some sort. ARE YOU READY?

    As many as 60% of small businesses close after experiencing a data breach.

    So, what is the answer? Having a secure cyber environment.

    (What is NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) and how to prepare for it.)

    The New CMMC Requirement will impact every government contractor. If you are an existing prime contractor, a subcontractor or brand new to the government market, you will be required to implement the CMMC standards at some point. If you don’t have it in place, you may not be able to bid on most DoD projects and eventually any government contract.

    Even if you are not a DoD or government contractor yet, you still need to have a secure Cyber Environment!!!

    Join us Wednesday, July 14th to learn what is CMMC and how you can prepare to implement the standards for your organization.

    What you will learn:

    • What is NIST 800-171 and CMMC or Cybersecurity Maturity Model Certification
    • Does my business need to get certified
    • What is the assessment process
    • What deficiencies are companies seeing during pre-assessments
    • Is there a way to insure your company if we are attacked
    • How to leverage this program to help you win more contracts
    • Why CMMC may be the most important certification you will ever earn
    • What happens if your company fails the certification assessment
    • How often does my company need be recertified
    • Will we lose our certification if a hacker breaches security
    • Where can I get help to implement CMMC
    • When will I need to have CMMC in place
    • What happens if a company fails its certification assessment
    • What is your next step

    What: The most important change in regulations for government contractors in decades!

    Where: Virtual (Zoom-below)

    When: Wednesday, July 14th

    Time: 12:00-1:30pm EDT/ 9:00am-10:30am PST

    Cost: FREE

    Want to join GCA? Click here: http://www.govassociationnw.org/join

    Who Should Attend:

    - Those wanting to continue, or start, doing business with the Federal Government

    - Any business owner looking to learn how cybersecurity and CMMC will affect their business

    - All members of Government Contractors Association

    - Any business owner or business development leader looking take advantage of this new certification

    - Any established business looking to expand their network and netWORTH


    Join Zoom Meeting - signup here

    https://govassociationnw.org/events

    To Learn More- https://www.govassociationnw.org/cmmc 

    One tap mobile

    +12532158782,,91447449654# US (Tacoma)

    +13462487799,,91447449654# US (Houston)

  • 25 Jun 2021 6:11 AM | Kenn Rivers (Administrator)

    Ask for a Demo Today!

    WHAT IF THERE IS A FASTER WAY TO WINNING GOVERNMENT CONTRACTS?

     

    The truth is, there is nothing fast about the government contracting market.  On average, it takes 36 months for a business to lay a foundation in the government market.  What if you had a "Fast Track" process to help you navigate through the government contracting maze so you can win government contracts?  What if you could cut the average time from 36 months down to 12 or even 6 months?

     

    That's exactly what we've done here.  We've invested over 10,000 hours of research and development to put together a software program that includes virtually everything you could imagine.  We call it "GOV FAST TRACK".  What would have taken you years to discover and learn is now available in a simple and easy to use platform. Now you can win government contracts the fast way.

    LEARN MORE=> GovAssociation NW - Fast Track Software

    Add Comment

  • 09 Jun 2021 11:11 AM | Kenn Rivers (Administrator)

    The Biden administration has announced a new initiative of "increasing the share of contracts going to small disadvantaged businesses by 50 percent by 2026 - translating to an additional $100 billion to small disadvantaged businesses (SDBs) over the 5 year period."  These plans were announced on June 1, 2021, the 100 year anniversary of the Black Wall Street massacre in Tulsa, Ok.  The increase in set-aside contracting is one part of a platform of steps the administration is taking to address the racial wealth gap by providing additional opportunities to small minority businesses.  Click here for full details


    What does this mean for you as a contractor?

    The Biden administration is "launching an all-of-government effort to expand contracting opportunities for underserved small businesses across the country." Contractors need to begin positioning themselves for the new or increased opportunities.

     It is time to work on your small business certifications. These will be important to qualify for any new set-aside contracts.  There will surely be new opportunities made part of the 8(a) BD program, but there may be opportunities for companies with other small business certifications through partnerships and subcontracting. 8(a) firms may want to expand their capabilities through new partnerships.  Non-8(a) firms should consider more Mentor-Protege relationships with 8(a) firms.

    Your preparation should continue beyond relationships. Consider getting CMMC certified if you plan to target DOD contracts. Will you need additional funding for potentially larger contracts? Do you need additional bonding capacity? Learn new Capture Management strategies. Monitor any announcements from various federal agencies announcing new contracting opportunities as a result of this new initiative.  Happy hunting!

    Add Comment


  • 02 Jun 2021 9:54 AM | Kenn Rivers (Administrator)

     

    The Department of Transportation is another familiar department.  It establishes the nation’s transportation policy.  The Department of Transportation oversees aviation, highways, mass transit, railroads, ports, pipelines and more.  

    There are 12 key agencies that support the DOT in its mission to oversee the movement of products and people across the United States. There is a separate agency that handles each of the modes of transportation.  The Federal Aviation Administration (FAA) handles aviation; the Federal Highway Administration is responsible for highways; the Federal Transit Administration monitors all public transit systems; the Federal Railroad Administration is in charge of railroads; the Pipeline and Hazardous Materials Safety Administration is responsible for pipelines; and the Maritime Administration promotes the seamless integration of waterborne transportation with other segments of the transportation system.

    Although the responsibilities of the aforementioned agencies appear obvious, some agencies are charged with much broader tasks.  The Maritime Administration for example works in a wide array of areas involving ships, shipping, shipbuilding, ship disposal, port and vessel operations, and national security.  The agency maintains a fleet of cargo ships in reserve in cases of war and national emergencies and also maintains the viability of the U.S merchant marine.  The Maritime Administration also administers the America’s Marine Highway program and is responsible for the 25,000+ miles of coastal, intercostal and inland waterways.  If you are in the transportation industry and can make use of these underutilized Marine Highways, there may be federal grant money available for you.  Check out this link http://edocket.access.gpo.gov/2010/pdf/2010-20013.pdf  for details on the America’s Marine Highway Grant Notice of Funds Availability.

    Other key agencies of the Department of Transportation are the Bureau of Transportation Statistics - a statistical agency that administers data collection, analysis and reporting and ensures the most cost effective use of transportation monitoring resources; the National Highway Traffic Safety Administration - that directs highway safety programs; the Federal Motor Carrier Safety Administration - who’s primary mission is to prevent commercial motor vehicle related fatalities and injuries;  the Research and Innovative Technology Administration - charged with deploying cutting edge technologies to improve the nation’s transportation systems; the Surface Transportation Board - an economic regulatory agency charged by Congress with resolving railroad rate and service disputes; and Saint Lawrence Seaway Development Corporation - that operates constructs and maintains that part of the St Lawrence  Seaway between Port of Montreal, Canada and Lake Erie that lies within the US.  

    Most people only of the usual planes, trains and automobiles when they think of DOT contracting opportunities.  They don’t realize that research companies that are pioneering cars that drive themselves or cars that hover and fly have a place in the DOT in the Research and Innovative Technology Administration.  Nor do they think about the arbitrators and mediators who settle disputes in the Surface Transportation Board.

    So whether you are a trucker, a pilot, a merchant marine or a railway engineer, the Department of Transportation has got you covered.  And if your business supports these folks or the adjacent industries, there are probably contracting opportunities awaiting you at the DOT.


    Add Comment


  • 24 May 2021 11:33 AM | Kenn Rivers (Administrator)

    The Colonial Pipeline cyberattack was a ransomware attack. It was a financially driven cybercrime and unfortunately, it happens all too often. Our Nation is extremely bright and at the top of technology and security, yet we still see so many successful cyber-attacks. Businesses of all sizes are suffering cyber threats and cybercrime daily.

    When we heard about SolarWinds cyberattack late last year, some of us may have nodded our heads acknowledging the importance of cybersecurity but the Colonial Pipeline attack is a really big wake-up call to small and big businesses, alike. Cyber Resiliency starts with good control of our security posture. It's about giving priority to the digital systems we utilize to run our operations or deliver our services. It is about investing in a risk mitigation plan and having a buttoned-up security posture and cyber-incident response suited for our businesses to mitigate our vulnerabilities and protect our assets. A very big part of achieving cyber resiliency is cyber awareness training.

    We need to protect our business from cyberattacks, and if breached, our company needs to survive a devastating cyberattack with minimal disruption or detrimental financial consequences. Cyberattacks are the single largest risk to our business today. This year alone, businesses have experienced an eye-opening 80% increase in cyberattacks with Ransomware attacks up 148% and phishing attacks up 600%. The odds that our business is the next target in a cyberattack have never been higher. For this reason, many businesses are seeking an additional layer of protection in the form of Cybersecurity & Cyber Liability Insurance.

    Small businesses, DoD contractors and private contractors are particularly vulnerable because many of them do not have the necessary resources to have buttoned up cybersecurity posture and hire full-time cybersecurity experts. It’s no surprise that small businesses comprise half to three-quarters of all ransomware victims. And when these businesses do become targets, it can have devastating and permanent impacts, forcing some to close their doors permanently.

    The good news is that DoD and Government Contractors don’t have to implement cybersecurity requirements alone and there are affordable solutions for every budget. That is why the Department of Defense has laid out security measures to help businesses to understand their responsibility and respond to a cyberattack with more preparedness. The Cybersecurity Maturity Model Certification identifies the level of security you need as a small business and as a Federal Contractor.

    In the past, vendors were able to self-certify that they were meeting the security requirements of NIST 800-171. Unfortunately, this isn't working out very well and some vulnerabilities could easily be avoided. There is no doubt that cybercrime has been increasing rapidly and we need to protect our businesses as one Nation. The DoD has a very secure cyber environment, so hackers are constantly trying to hack into vendors, such as SolarWinds cyberattack, and then swim upstream to all the networks that are connected to the vendor, including DoD. In the previous contracting model, the DoD focused on four areas: *cost *schedule *performance, and *cybersecurity. Since cybersecurity needs to be buttoned up top to down with minimal vulnerability, the DoD has switched the focus to building a foundation on cybersecurity.

    Having a CMMC not only shows that you are building a cyber secure culture as you serve the government, but it also gives you the best opportunity to go to the front of the line for DoD contracts. Anybody who is not certified is not even allowed to bid on the DoD contracts. This will put you way ahead of the pack and give you the best opportunity to increase your profitability in the government space. Cybersecurity and building cyber resiliency are not a 'one and done' model but rather a foundation that our government is teaching us to give importance to. By having the certification for your level, building a buttoned-up cybersecurity posture, and having cyber insurance to protect you financially if you face cyber threats, you are helping your own business to get more contracts and have a cyber secure and financially promising future!

    Add Comment


  • 23 Apr 2021 8:21 AM | Kenn Rivers (Administrator)

    As you embark on the CMMC journey and prepare to learn more about the certification process and apply to be certified as a federal contractor, you will come across many acronyms. Some of these acronyms play a major role as you become CMMC certified. It would definitely be worth to have a quick reference page as you move forward and get your pre-assessment started.

    The following glossary is adapted from the DOD’s CMMC 1.0 Appendices as well as CMMCAB.ORG and republished here as a service to our readers and clients looking into getting pre-assessment for CMMC Compliance and prepare for the assessment. CMMC definitions will be the standard for use of terms by CMMC Auditors. We also hope this will help you and your team speak the same language.

    CMMC ACRONYMS & DEFINITION

    C3PAO - CMMC Third-Party Assessors Organization

    Organization authorized to manage the assessment process and enter into a contract to deliver CMMC assessments with assessed organization and certified CMMC assessors.

    CCA/CCP - Certified CMMC Assessors/Professionals

    Credentialed Individuals are authorized to deliver assessments, training, and consulting.

    CUI - Controlled Unclassified Information

    Information that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and government-wide policies, excluding information that is classified under Executive Order.

    CDI - Covered Defense Information

    Term used to identify information that requires protection under DFARS Clause.

    Unclassified controlled technical information (CTI) or other information, as described in the CUI Registry, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government wide policies and is:

    *Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of, DoD in support of the performance of the contract, OR

    *Collected, developed, received, transmitted, used, or stored by, or on behalf of, the contractor in support of the performance of the contract.

    Cybersecurity

    Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.

    Defense Industrial Base (DIB)

    The worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements.

    Domain

    Domains are sets of capabilities that are based on cybersecurity best practices. There are 17 domains within CMMC. Each domain is assessed for practice and process maturity across five defined levels.

    Encryption

    The process of changing plaintext into cipher text.

    Encryption Policies

    Policies that manage the use, storage, disposal, and protection of cryptographic keys used to protect organization data and communications.

    FCI - Federal Contract Information

    Federal contract information means information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public Web sites) or simple transactional information, such as necessary to process payments.

    Firewall

    A device or program that controls the flow of network traffic between networks or hosts that employ differing security postures.

    ICAM - Identity, Credential, and Access Management

    Programs, processes, technologies, and personnel used to create trusted digital identity representations of individuals and non-person entities (NPEs), bind those identities to credentials that may serve as a proxy for the individual or NPE in access transactions, and leverage the credentials to provide authorized access to an organizations’ resources.

    Insider Threat

    The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the organization or the United States. This threat can include damage to the

    United States through espionage, terrorism, unauthorized disclosure, or through the loss or degradation of departmental resources or capabilities.

    LPP - Licensed Partner Publisher The CMMC-AB LPP program is designed for publishers of educational courses and content who wish to sell such content to education organizations such as universities, online schools or professional schools or direct to consumer. Listed as a LPP on the CMMC-AB website.

    LTP - Licensed Training Providers The CMMC-AB LTP program is designed for providers of education and training services such as colleges, universities, online schools, professional schools, internal corporate training departments, or any direct-to-consumer learning providers. Delivers certified training to students using approved curriculum developed by LPPs. Listed as a Licensed Training Provider on the CMMC-AB Marketplace.

    Maturity Model

    A maturity model is a set of characteristics, attributes, or indicators that represent progression in a particular domain. A maturity model allows an organization or industry to have its practices, processes, and methods evaluated against a clear set of requirements (such as activities or processes) that define specific maturity levels. At any given maturity level, an organization is expected to exhibit the capabilities of that level. A tool that helps assess the current effectiveness of an organization and supports determining what capabilities they need in order to obtain the next level of maturity in order to continue progression up the levels of the model.

    MFA - Multifactor Authentication

    Authentication using two or more different factors to achieve authentication. Factors include something you know (e.g., PIN, password); something you have (e.g., cryptographic identification device, token); or something you are (e.g., biometric).

    OSC - Organization Seeking Certification

    The company that is going through the CMMC assessment process to receive a level of certification for a given environment. The certificate allows organization to bid on DoD contracts up to the identified Maturity level.

    Patch

    An update to an operating system, application, or other software issued specifically to correct particular problems with the software.

    PII - Personally Identifiable Information

    Information which can be used to distinguish or trace the identity of an individual (e.g., name, social security number, biometric records) alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual (e.g., date and place of birth, mother’s maiden name).

    Risk Assessment

    The process of identifying risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of a system.

    Risk Management

    The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation.

    Risk Mitigation

    Prioritizing, evaluating, and implementing the appropriate risk-reducing controls/countermeasures recommended from the risk management process.

    RP/RPO - Registered Provider/Organization

    Authorized to represent the organization as familiar with the basic constructs of the CMMC Standard with a CMMC-AB provided logo.

    The RPOs and RPs in the CMMC ecosystem provide advice, consulting, and recommendations to their clients. They are the “implementers” and consultants, but do not conduct Certified CMMC Assessments. Any references to “non-certified” services are only referring to the fact that an RPO is not authorized to conduct a certified CMMC assessment.

    SOC - Security Operations Center

    A centralized function within an organization utilizing people, processes, and technologies to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.

    SCRM - Supply Chain Risk Management

    A systematic process for managing supply chain risk by identifying susceptibilities, vulnerabilities, and threats throughout the supply chain and developing mitigation strategies to combat those threats whether presented by the supplier, the supplied product and its subcomponents, or the supply chain (e.g., initial production, packaging, handling, storage, transport, mission operation, and disposal).

    Standards

    A document, established by consensus and approved by a recognized body, that provides for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context.

    Threat

    Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other

    organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

    Unauthorized Access

    Any access that violates the stated security policy.

    User

    Individual, or (system) process acting on behalf of an individual, authorized to access an information system.

    Vulnerability Assessment

    Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.

    Tool Learn More & where / how we can help:

    GovAssociation NW - Cybersecurity Maturity Model Certification (CMMC)


    Add Comment

  • 20 Apr 2021 1:47 PM | Kenn Rivers (Administrator)

    CMMC is the Department of Defense's newest tool to ensure vendors who supply services and products to the DoD have a secure cyber environment. In the past, vendors and federal contractors were able to self-certify that they were meeting the requirements of NIST 800-171. This is no longer true, if you're a vendor doing business with the Department of Defense or wanting to do business with the Department of Defense, you will lose that opportunity if you cannot earn your CMMC certification.

    Prior to getting an actual CMMC assessment, you will want to prepare and get a pre assessment. It can be a lengthy process ensuring that you meet all the requirements of not only NIST 800-171 but the new CMMC requirements.

    Here's a brief overview of the CMMC timeline:

    *January 2020, CMMC-AB officially launched

    *Summer of 2020, Certification and Registrations applications accepted

    *Fall/winter of 2020, Certified Publishers and Trainers chosen

    *Winter of 2020, training for Assessors and Professional start

    *Summer/Fall of 2021, first commercial CMMC certifications available

    *Summer 2021, the first RFP is coming out that will affect 1,500 vendors

    *2022, larger percentage of CMMC contracts coming out

    *End of 2025, all DoD contractors must be certified

    As a Federal Contractor, you must show a culture of cybersecurity. You cannot implement cybersecurity tools and practices one week and then the following week, have an assessor come in and look at your records and see that you just started doing it. The CMMC AB will ensure you have a culture where everybody in your organization understands the importance of cybersecurity.

    CMMC is the best opportunity for you to go to the front of the line for DoD contracts. Any contractor who is not certified is not even allowed to bid on the DoD contracts. Other federal agencies will also be requiring CMMC in the near future.

    Getting your pre-assessment, applying any remediations and/or closing any vulnerability gaps in your system and being on the path to be certified by the CMMC assessors will put you way ahead of the pack and it will give you the best opportunity to increase your profitability in the government space.

    Add Comment


  • 08 Apr 2021 9:02 AM | Kenn Rivers (Administrator)

    The first step to learning about the Cybersecurity Maturity Model Certification (CMMC) is to understand DoD’s mission. The Cybersecurity Maturity Model Certification Accreditation Body, also known as the CMMC-AB, "establishes and oversees a qualified, trained, and high-fidelity community of assessors. CMMC-AB also manages the ecosystem and oversee all the entities that can deliver consistent and informative assessments to participating organizations against a defined set of controls/best practices within the Cybersecurity Maturity Model Certification (CMMC) Program."

    The CMMC Model is both created and managed by the Department of Defense (DoD). The CMMC-AB reviews and combines various trusted cybersecurity standards and best practices and uses them across several knowledge levels that range from basic cyber hygiene to advanced. The CMMC-AB manage the system that ensures OSCs implements recommended controls and processes for a given CMMC level to reduce risk against a specific set of cyber threats. This method aids in both compliance and security that is both cost-efficient and affordable for small businesses.

    The CMMC stands by DoD’s mission to secure small businesses in an economically sound way that does not disregard proper compliance and security levels that have been proven to work against cyber attacks that threaten to hack and compromise important data. The CMMC provides a secure framework in which information, such as, FCI/CUI can be protected. The CMMC is evolving and has created pioneering ways to secure important information for small businesses that builds on proven existing frameworks and methods to secure important information while considering affordability and security at the same time.

    If you are interested in bidding and serving DoD Contracts or if you are currently a federal contractor and want to continue serving federal contracts, CMMC certification allows your company to continue participation and bid on DoD contracts. Within the CMMC, there are Security Maturity level 1 through 5, five being the highest. Once your company gets CMMC certification, it will be good for up to 3 years.

    It is highly recommended by the CMMC-AB that any contractors currently working on DoD contracts, or wanting to bid on them start the pre-assessment of their business security, practices & processes, and have plans to fix any deficiencies' or vulnerabilities that are found. All DoD suppliers, and eventually all federal government suppliers will need to comply with the CMMC Certification requirements.

    Add Comment

  • 18 Mar 2021 6:04 AM | Kenn Rivers (Administrator)

    Not familiar with CMMC? Well, if you are a federal contractor, you will need to be. If you have not heard, CMMC will be the most important certification you will need in the coming years as a government contractor. Maybe, more important than, 8a, WOSB, HUBZone, SDVOSB, MBE, WBE, and other such certifications for federal contracting.

    CMMC stands for Cybersecurity Maturity Model Certification and it is coming… FAST. On January 31, 2020 CMMC  was announced and soon it will be expected of every DOD contractor. Eventually, civilian agencies, large primes and potentially publicly traded companies will most likely require that you implement these new requirements.

    Three Key takeaways are these:

    1. Cybersecurity risks threaten the Defense industry and the National Security of the US and its allies,

    2. The CMMC model is a collaboration between industry, academia, military, Capitol Hill and the public,

    3. This is just the first milestone.

    The goal of the CMMC is to achieve a Cyber Safe, Cyber Secure and Cyber Resilient Defense Industrial base.

    The most vulnerable link in the Defense supply chain is usually six, seven or eight levels down. This usually lies with us, the small business subcontractor. Because we may not have strong cybersecurity defense systems in place, it is relatively easy for a cyber attacker to breach our systems. We then inadvertently transmit the malware, trojan horse or a myriad of other crippling cyber threats up the supply chain as we communicate with the sub or prime contractor above us.

    Historically, $600 Billion – approximately 1% of GDP – is lost via cyberthreats. With the introduction of CMMC, the Defense industry is taking seriously the task of eliminating these threats to every extent possible.

    What is the timeline for CMMC?

    The 2021 CMMC Timeline

    The first six months of 2021 are still murky as to what the CMMC Accreditation Body and procurement officers will do. But it’s the first two quarters that will be some of the most formative in terms of the program structure moving into the next 5 years, which is when all DoD contractors and subcontractors will have to complete the CMMC.

    To learn more about CMMC, check out these resources:

    https://www.acq.osd.mil/cmmc/faq.html

    https://www.cmmcab.org

    https://youtu.be/5amuow9PZwg?t=142

    Add Comment

  • 04 Mar 2021 10:34 AM | Kenn Rivers (Administrator)

    The United States Military budget has always been generous. However, on December 21, 2019, the National Defense Authorization Act (NDAA) increased the military budget to $738 billion. That’s $22 billion more than 2019. 

    The bill lays out how and where to allocate the funds, but a lot is left open to DoD discretion. Per usual, a large amount is allocated to specific military bases ramping up new construction. 

    The United States government is one of the largest consumers in the world. In fiscal year 2020 alone, they awarded $554 billion in contracts. If you’re in the construction industry, you ought to want the U.S. government as a customer. Federal spending for the construction industry averages around $30 billion each year.

    They pay well, and they have plenty of upcoming and ongoing construction projects. Let’s take a look at some of the new construction going on in U.S. Military bases.

    The NDAA Funds

    The NDAA listed several projects and budgets for those projects. Here are some examples of those: 

    • In North Carolina, $2.2 billion was allocated for military construction, and $1.1 billion was allocated towards Hurricane Florence recovery at Air Station New River, Air Station Cherry Point, and Camp Lejeune.

    • Fort Bragg received $96.6 million for new construction, including a special operations facility, dining facility, training complex, and more. 

    • At Camp Pendleton in California, $71.7 million was allocated for a new warehouse and mess hall, and $17.7 million for a new dental clinic and ambulatory care center. 

    • Fort Drum in New York has $21 million to go towards transportation projects. 

    • Tyndall Air Force Base in Florida was given $3.4 billion to rehabilitate hundreds of buildings that were destroyed by Hurricane Michael. 

    • Offutt Air Force Base in Nebraska was given $14,5 million to demolish and rebuild 137 facilities that were damaged during flooding. 

    • Foot Hood in Texas received $32 million for new soldier barracks. The Joint Base San Antonio was given $207 million to modernize several buildings. 

    The interesting thing is that these projects list the bare minimum of what’s needed for each project. 

    For instance, most facilities need to meet energy standards, exceed building codes with a fire suppression system, and any of the bases wrecked by floods will need to be built on elevated structures versus grounded foundations.  

    However, these needs and details aren’t listed on the government contract boards. They’re very basic listings.

    Additionally, the following other bases received more than $100 million to use towards construction. 

    • Marine Corps Air Station in Yuma, Arizona ($189.7 million)

    • Malmstrom Air Force Base in Montana ($235 million)

    • Schriever Air Force Base in Colorado ($148 million)

    • Naval Base Coronado in California ($165.8 million)

    • Marine Corps Base Quantico in Virginia ($143.3 million)

    • Marine Corps Air Station Kaneohe Bay located in Hawaii ($134 million)

    • Naval Station Norfolk in Virginia ($139.1 million)

    • Hill Air Force Base in Utah ($114.5 million)

    • Naval Weapons Station Seal Beach in California ($123.3 million)

    • Fort Gordon, Georgia: ($107 million) 

    While it might seem like these bases received a lot of money, all of these military bases have much more needs and plans for future years. This is evident if you peek inside any base’s plans. 

    Let’s take a look at Fort Gordon, located in Georgia. 

    Upcoming Projects at Fort Gordon, Georgia 

    In Fort Gordon, there is already $1.6 billion worth of planned investments in major R&M (restoration and modernization) and MILCON projects. These projects include a variety of different tasks to modernize and meet the mission and growth requirements of Fort Gordon. 

    Here are a few of those projects: 

    • Permanent Party and NCOA Barracks Renovations - The buildings have mold and mildew issues due to outdated HVAC systems. They estimate the cost to be around $8M per building (7 Buildings total).  

    • Child and Youth Services Facilities – There’s an enormous amount of plans for various childcare facilities. 

    • New Fitness Facility, located in AIT barracks - The cost is estimated to be around $39 million. The new facility will include: 

    • 114,540 square feet 

    • 20,000 square feet  

    • a fitness module

    • exercise module

    • gymnasium 

    • structured activity module

    • locker rooms

    • control desk

    • administrative areas

    • laundry

    • storage 

    • 3-lane indoor jogging track

    • 25-meter pool  

    • New Chapel with Religious Education center - The cost is estimated to be around $44 million. It will include: 

    • 116,400 square feet (2 stories) 

    • 600 seat sanctuary

    • activity center for 580 people 

    • 17 religious educational classrooms

    And these are just four of the projects at Fort Gordon. Some other projects are already underway or have already been awarded to contractors. 

    So, how do you make the U.S. government and military your customer? How do you become a construction contractor for the U.S. military?

    Getting Started with Military Construction

    At a base level, you need to be good at what you do. You’ll have to bid on contracts, so you want to ensure that your company is better than the average company on the street. Moreover, any specialized construction skills will go a long way in winning those contracts. 

    If you specialize in using specific materials or techniques like using tilt up panels and optimizing for energy efficiency – you’re going to stand out. But getting on the radar isn’t always easy. 

    It’s wise to use small business set-aside programs like HubZone, SDVOSB, WOSB, or the 8a Certification program which can open doors faster and limit the competition. For example, through the HubZone program $122 million was awarded to construction companies with this certification. Using programs like HubZone can help you get your foot in the door with military contracts, making landing future jobs easier. 

    The most critical thing is to start now. There’s plenty of money in military construction, and it seems to be increasing all the time. The sooner you get started, the sooner you will get your piece of the government contracting pie.


    ABOUT THE AUTHOR: Matt Lee is the owner of the Innovative Building Materials blog and a content writer for the building materials industry. He is focused on helping fellow contractors, homeowners, and architects discover materials and methods of construction that save money, improve energy efficiency, and increase property value.

    Add Comment




Powered by Wild Apricot Membership Software