Federal contractors face a shifting landscape in 2025—where cybersecurity, bid protests, and compliance missteps can make or break your pipeline. In a recent conversation on The Optimize Podcast, Josh Duvall, managing partner of Matross Edwards LLC, joined Jeff Shapiro to spotlight the top risks—and strategies—you need to know to stay competitive and contract-ready.
1. Cybersecurity Compliance = Contract Eligibility
Cybersecurity is now central to winning or keeping a federal contract, not just a back-office issue. With the formalization of CMMC and tightening enforcement of NIST 800-171, contractors need documented, auditable systems in place.
"What I tell my clients is that CMMC is no longer just an IT checklist. It is a business readiness issue. If you're not investing in compliance and documentation, you're signalling risk to contracting officers."
— Josh Duvall
Josh explains how cyber requirements affect both your ability to prime and your viability as a subcontractor. It can also affect pricing, insurance coverage, and marketability.
He advises starting with a gap assessment and developing a system security plan. Additionally, ensure executive leadership views cyber as a competitive differentiator, not just a technical box to check.
2. Don’t Just Protest—Be Strategic
Protests are not simply legal tools—they are part of a broader business development strategy. Josh explains why contractors need to think ahead, not react emotionally.
“The protests that succeed are the ones based on clean records and smart planning. GAO is not sympathetic to messy pleadings or missed deadlines.”
— Josh Duvall
He unpacks recent trends such as disputes over key personnel availability and the increasing need for digital submission verification. The conversation also contrasts GAO with the Court of Federal Claims, offering insight into when to pursue which route.
Josh emphasizes the value of reading GAO protest decisions as competitive intelligence: “These decisions are roadmaps. They show you how others priced, structured their teams, and where they slipped.”
3. OCIs Can Kill a Win Before You Start
Organizational Conflicts of Interest (OCIs) are drawing closer scrutiny, and that scrutiny extends beyond the prime to subs and affiliates.
"One of the biggest misconceptions I see is, ‘If I don't see an OCI, it doesn’t exist.’ But the government may see something you don’t—and that can end your bid before it begins."
— Josh Duvall
Josh details the three main OCI types—biased ground rules, unequal access to information, and impaired objectivity—and provides examples of each. He walks through mitigation strategies including formal firewalls, separation of teams, and well-documented conflict checks.
With proposed changes to OCI guidance under FAR Part 3.12, it is crucial to reassess internal policies and teaming agreements. This should be done early in the capture process.
4. Master the Q&A to Protect Your Bid
Too often overlooked, the government Q&A process is a chance to shape outcomes. Josh urges contractors to approach this stage strategically.
“That Q&A becomes part of the contract file. If something in the RFP is unclear or vague and you do not challenge it then, you are stuck. You have waived your right to argue later.”
— Josh Duvall
Use Q&A to clarify evaluation criteria, propose fairer terms, or question past performance weighting. Josh also explains that questions can prompt valuable amendments—especially when phrased with legal precision.
Proposal teams should work closely with counsel or compliance to ensure Q&A submissions are both technically sound and legally strategic.
Listen to the Full Conversation
This episode of The Optimize Podcast offers a real-world discussion on how federal contractors can navigate the more complex environment of 2025. Josh Duvall shares decades of legal insight and practical guidance, from avoiding disqualification due to cyber gaps to filing winning protests.
You will also hear:
- How to build OCI mitigation strategies that hold up under scrutiny
- Why every Q&A submission during procurement matters more than you think
- The business case for cyber maturity that your C-suite should understand now
- How GAO protests reveal valuable intel about your competitors and evaluators
Listen now on your preferred platform:
VisibleThread.com/Podcasts