State & Local Meeting

Town Council Meeting - July 14, 2026

πŸ“‹ Contracting Vehicles πŸ“œ Policy 🚨 Public Safety πŸ’Ό Professional Services

Watch meeting recording

The Town Council of Christiansburg, Virginia, held a meeting on July 14, 2026, where several procurement and budget-related topics were discussed. The council approved the minutes from the previous meeting and the bill list, and set a public hearing for a code amendment related to permitted uses. A significant discussion centered on a proposed amendment to the town code regarding food truck exemptions and their operation on public streets, particularly in the downtown B2 district. The council decided to postpone action on this item to the next meeting to allow affected business owners to provide input, and later voted against holding a formal public hearing on the matter, opting instead to hear comments during citizens' comments. Additionally, the council approved a road closure request for the Heritage Day Festival and appointed Devon Shields as a subdivision agent. There was also an in-depth discussion about the use of Axon auto-transcription software for police body camera footage, including concerns about AI use, data privacy, and contract costs. The council debated the financial and ethical implications of continuing the contract with Axon, ultimately passing the contract by breaking a tie vote. No new contracts or vendor selections were announced, but budget considerations and policy discussions related to procurement and technology use were prominent.

Sources

Federal Event

CBP Seeks 8(a) Contractors for Border Infrastructure Maintenance

πŸ›οΈ Physical Infrastructure πŸ—οΈ Construction & Infrastructure

U.S. Customs and Border Protection (CBP) is conducting a mandatory site visit on July 29, 2026, in Ocotillo, California, for 8(a) certified contractors interested in a competitive set-aside solicitation. The contract covers maintenance, repair, and improvement of tactical infrastructure assets including roads, fences, and lighting within the Yuma and El Centro Border Patrol Sectors along the U.S./Mexico border. This single contract opportunity consolidates multiple infrastructure maintenance needs, emphasizing the importance of attending the site visit to gather critical information for proposal preparation.

  • The solicitation is a competitive 8(a) set-aside, targeting small disadvantaged businesses qualified under the SBA 8(a) program.
  • Contractors must attend the mandatory site visit on July 29, 2026, in Ocotillo, California, to be eligible to submit proposals.
  • The contract involves specialized construction and maintenance services under NAICS codes 237990, 238910, and 238990, relevant to heavy civil engineering and specialty trade contractors.
  • Procurement professionals and contractors should coordinate with CBP contacts Muhanad D. Sasa and Donna R. McMullen for site visit registration and technical inquiries.
  • This opportunity highlights CBP's ongoing investment in border infrastructure readiness and maintenance, signaling continued demand for infrastructure services in border security contexts.

Sources

Federal Event

Navy and MARAD Host Auxiliary Ships Industry Day in DC

πŸ›οΈ Physical Infrastructure πŸ›‘οΈ Defense & Military 🚚 Transportation

The Department of the Navy's Portfolio Acquisition Executive Maritime and the Department of Transportation Maritime Administration (MARAD) are jointly hosting an Auxiliary Ships Industry Day on August 5-6, 2026, near the Washington Navy Yard, District of Columbia. This event targets vessel construction managers, shipyards, and key suppliers to gather market research and feedback on three significant ship acquisition programs: the Bulk Fuel Consolidated Cargo Tanker, the Next Generation Hospital Ship (T-AH(X)), and the Roll-on/Roll-off (RO/RO) Vessel Program. Registration is required by July 29, 2026, but attendance is limited and not guaranteed.

  • Why this matters: Procurement professionals and contractors should prepare to engage with Navy and MARAD acquisition teams to influence requirements and positioning for upcoming contracts in auxiliary shipbuilding.
  • The event provides early insight into program priorities and acquisition strategies for major maritime vessel programs managed by PAE Maritime and MARAD.
  • Companies specializing in ship construction, maritime logistics, and vessel systems can leverage this opportunity to align capabilities with government needs and establish relationships with key stakeholders.
  • Timely registration by July 29, 2026, is critical for participation and to gain competitive intelligence ahead of formal solicitations.

Sources

Federal News

DoD Suspends CMMC Phase II Implementation

πŸ”’ Cybersecurity πŸ›‘οΈ Defense & Military

The Department of Defense (DoD) has officially suspended the implementation of Cybersecurity Maturity Model Certification (CMMC) Phase II, which included mandatory third-party assessments for CMMC Level 2, originally scheduled to begin November 10, 2026. This pause reflects concerns about cost and access barriers, especially for small and non-traditional defense contractors. Despite the suspension of third-party certification requirements, contractors must continue to comply with existing cybersecurity mandates, including self-assessments aligned with NIST SP 800-171 Revision 2 controls and Defense Federal Acquisition Regulation Supplement (DFARS) safeguarding clauses. The DoD has established a CMMC Reform Task Force tasked with reviewing the program and recommending changes within 60 days. Stakeholders are invited to provide feedback by August 14, 2026, through a Request for Information (RFI).

  • Why this matters: Procurement professionals and contractors should recognize that while third-party CMMC assessments are paused, cybersecurity compliance obligations remain mandatory and enforceable.
  • Organizations should leverage this pause to strengthen internal cybersecurity practices and prepare for potential program revisions.
  • Small and non-traditional businesses may find opportunities to influence program reforms through the August 14 stakeholder feedback deadline.
  • Cybersecurity service providers can anticipate evolving market demand as the DoD revises CMMC requirements and enforcement mechanisms.

Sources

DoD Pauses CMMC Phase II Implementation

Federal News

DoD Pauses CMMC Phase II Implementation

πŸ”’ Cybersecurity βœ… Regulatory Compliance πŸ›‘οΈ Defense & Military πŸ’» Information Technology

The U.S. Department of Defense has officially paused the rollout of Phase II of the Cybersecurity Maturity Model Certification (CMMC) 2.0 program, which was scheduled to begin November 10, 2026. This pause suspends the requirement for third-party cybersecurity assessments for defense contractors, particularly impacting over 120,000 small and midsized businesses and tribal enterprises in the defense supply chain. During a 60-day review period, a CMMC Reform Task Force will collect industry feedback and propose adjustments to better align cybersecurity mandates with troop readiness priorities, reduce administrative burdens, and enhance opportunities for smaller contractors. Meanwhile, Phase I self-assessment requirements remain in effect, and all pending CMMC milestones are suspended. Industry experts anticipate that some form of third-party or government-led cybersecurity validation will eventually return, especially for higher-risk contracts, but with a focus on reducing complexity and cost.

  • Why this matters: Procurement professionals should note the suspension of mandatory third-party audits, which affects contract eligibility and compliance timelines for many defense contractors.
  • Organizations currently preparing for Phase II certification can adjust their strategies to focus on maintaining Phase I self-assessments while awaiting revised requirements.
  • Small and midsized contractors may find new opportunities as the DoD seeks to reduce bureaucratic hurdles and better support these businesses in cybersecurity compliance.
  • Cybersecurity service providers and assessors should anticipate changes in certification processes and prepare to support contractors through the upcoming reform and potential reinstatement of validation mechanisms.

Sources

Federal Event

NAVAIR Hosts UAS Training Industry Day

πŸ“‹ Contracting Vehicles πŸ›‘οΈ Defense & Military

The Naval Air Systems Command (NAVAIR) is conducting a virtual Industry Day on September 3, 2026, focused on Group 1 and Group 2 Unmanned Aircraft System (UAS) training, mission planning, simulation, and qualification management systems. This event is designed to gather market intelligence on commercially available and emerging solutions to support future acquisition strategies that comply with the National Defense Authorization Act (NDAA) and ensure system interoperability. Procurement professionals and contractors specializing in UAS technologies and training systems should consider this opportunity to engage with NAVAIR and influence upcoming requirements.

  • The Industry Day targets advanced UAS training and mission support systems for smaller UAS groups, emphasizing simulation and qualification management.
  • NAVAIR seeks industry input to shape acquisition approaches aligned with NDAA mandates and interoperability standards.
  • Contracting Officers Diana K. Harritt and John M. Barr are key contacts for engagement and inquiries.
  • Companies offering innovative UAS training and simulation solutions can leverage this event to position themselves for future solicitations and contracts.

Sources

Federal News

DigiFlight Enhances Cybersecurity Compliance Support

πŸ”’ Cybersecurity πŸ›‘οΈ Defense & Military πŸ’» Information Technology

DigiFlight Inc. has appointed Jermaine Stanley as Director of Cybersecurity Compliance to strengthen its ability to assist defense contractors in meeting evolving Department of Defense cybersecurity mandates, including the Cybersecurity Maturity Model Certification (CMMC). This strategic leadership addition positions DigiFlight to better support federal suppliers in accelerating compliance readiness, which is critical for maintaining eligibility for DoD contracts amid increasing cybersecurity requirements and threats.

  • Why this matters: Defense contractors must meet stringent DoD cybersecurity standards such as CMMC to qualify for current and future contracts.
  • DigiFlight's enhanced compliance capabilities indicate growing market demand for specialized cybersecurity support services within the defense supply chain.
  • Procurement professionals should consider DigiFlight and similar vendors as key partners for compliance assistance and risk mitigation.
  • Contractors can leverage these services to streamline certification processes and maintain contract eligibility in a tightening regulatory environment.

Sources

Federal News

DoW Suspends CMMC Phase II Requirements

πŸ”’ Cybersecurity πŸ›‘οΈ Defense & Military

The U.S. Department of War (DoW) has suspended the implementation of Cybersecurity Maturity Model Certification (CMMC) Phase II requirements that were originally scheduled to take effect in November 2026. This decision follows concerns raised by small business defense contractors regarding the high costs and regulatory burdens associated with CMMC Phase II compliance. The suspension initiates a comprehensive review aimed at recalibrating the program to better balance stringent cybersecurity standards with manageable compliance processes, thereby protecting and potentially increasing small business participation in the defense industrial base.

  • The suspension directly impacts small business contractors by alleviating immediate compliance costs and regulatory pressures tied to CMMC Phase II.
  • Procurement professionals should anticipate revised cybersecurity requirements that may emerge from the ongoing review, affecting future contract eligibility and compliance strategies.
  • Industry stakeholders can leverage this development to engage with DoW and SBA on shaping more accessible cybersecurity standards that support small business inclusion.
  • Organizations currently preparing for CMMC Phase II compliance should reassess timelines and resource allocations in light of the suspension and forthcoming program adjustments.

Sources

DoD Suspends CMMC Phase II Implementation

Federal News

DoD Suspends CMMC Phase II Implementation

πŸ”’ Cybersecurity πŸ›‘οΈ Defense & Military

The U.S. Department of Defense has suspended the implementation of Cybersecurity Maturity Model Certification (CMMC) Phase II requirements, originally scheduled for November 10, 2026, to address concerns about high compliance costs and regulatory burdens impacting small and non-traditional defense contractors. This suspension initiates a 60-day review aimed at reforming the program to simplify cybersecurity compliance by emphasizing self-assessments aligned with NIST standards rather than mandatory third-party audits. The pause supports the Department's Acquisition Transformation System by reducing barriers for small businesses critical to the Defense Industrial Base, ensuring continued participation while maintaining robust cybersecurity protections.

  • Why this matters: Small and mid-sized defense contractors can expect reduced compliance complexity and costs, potentially increasing their eligibility for DoD contracts.
  • The shift from third-party audits to self-assessments signals a more scalable and accessible cybersecurity framework.
  • Procurement professionals should anticipate revised cybersecurity requirements and adjust contract evaluations accordingly.
  • Industry stakeholders should engage with forthcoming guidance to align cybersecurity practices with the updated CMMC framework.

Sources

Federal News

DoD Enforces CMMC 2.0 Cybersecurity Compliance

πŸ”’ Cybersecurity πŸ›‘οΈ Defense & Military

The Department of Defense has mandated compliance with the Cybersecurity Maturity Model Certification (CMMC) 2.0 framework for all defense contractors, with a firm deadline of November 10, 2025. This requirement applies especially to small and mid-size contractors who must determine their certification level based on the type of information they handle, such as Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). Compliance involves phased enforcement including self-assessments and third-party certifications, overseen by the CMMC Accreditation Body and supported by the Defense Contract Management Agency. Early preparation is essential due to expected assessment backlogs and the significant costs associated with certification, which directly impact eligibility for DoD contracts moving forward.

  • Why this matters: Defense contractors must achieve and maintain the appropriate CMMC 2.0 certification to remain eligible for DoD contracts, making cybersecurity compliance a critical procurement prerequisite.
  • Small and mid-size businesses should assess their current cybersecurity posture and plan for certification processes to avoid contract ineligibility.
  • Procurement professionals should incorporate CMMC 2.0 requirements into contract solicitations and vendor evaluations to ensure compliance.
  • Organizations can expect increased demand for cybersecurity consulting and certification services as contractors seek to meet these mandatory standards.

Sources

Federal Analysis

Government Agencies Standardize Application Logging

πŸ”’ Cybersecurity πŸ’» Information Technology

Government agencies and regulatory bodies are emphasizing the establishment of standardized enterprise application logging frameworks to enhance security detection, regulatory compliance, and incident investigation capabilities. This initiative aligns with guidelines from NIST, NYDFS, and FFIEC, reflecting a shift toward making structured, tamper-resistant logging a core security requirement rather than a technical afterthought. Contractors and IT security providers supporting government clients should prioritize solutions that enable consistent metadata capture and outcome-focused logging across hybrid and cloud environments to meet these evolving mandates.

  • Why this matters: Agencies require logging solutions compliant with NIST, NYDFS, and FFIEC standards to support security operations and regulatory audits.
  • Procurement professionals should seek vendors offering tamper-resistant, standardized logging frameworks adaptable to complex government IT infrastructures.
  • Contractors can leverage this trend by developing or integrating logging tools that facilitate incident investigation and continuous security monitoring.
  • Organizations should evaluate current logging practices against these frameworks to ensure readiness for compliance and operational effectiveness.

Sources