This environment is for
Kearney employees only.
Sign in with your Kearney credentials to continue.
Access issues? Contact sandbox-support@kearneyco.com
EVP decision brief

Seven decisions. Two cash lines. Platform already in client meetings.

UNCLASSIFIED // FOUO  |  CGO / CIO / EVP  |  Cyber Security Division + KTG

TECOM (closest win), Navy, and four product demos run on this stack today. No client data has touched the personal account. Three governance findings are closing or closed; ownership transfer is scheduled next week. This brief asks EVP to approve $180K per year in cloud NTE plus 1099 surge authority, with build labor in-kind on overhead. Architecture and services detail follow the decision.

$96K/yr
Phase A · synthetic lab
$84K/yr
Phase B · CUI pilot cloud
7
Decisions
3 underway
Phase A · CIO + KTG

What we are asking for

Three tiers. Total cash on today's ballot: $180,000 per year in cloud and AI NTE ($96K synthetic lab + $84K CUI pilot), plus 1099 surge authority of up to roughly $144,000 per year at full burn (120 hours per month at $100). Build labor is in-kind on KTG and Cyber overhead. Approve Phase A today: firm AWS transfer (scheduled next week), Entra, and Sentinel, with Decision 4 funding firm cloud billing at transfer. Charter and fund Phase B (CUI pilot, CGO priority). Note IL5 for later; not on today's ballot.

$96K/yr
Phase A · approve today
$8K/mo NTE · lab cloud + AI · funds billing at transfer
$84K/yr
Phase B · charter + fund
$7K/mo NTE pilot cloud + 1099 surge NTE (90 days)
Overhead hrs
KTG / Cyber · not new cash
160/90 lab · 240/268 CUI pilot · detail
Phase A · Synthetic lab
Weeks 1–6
Firm AWS transfer next week. Entra and Sentinel seams in working sessions.
Phase B · CUI pilot
90 days from funding
First client CUI demo. TECOM then Navy promoted through the gate.
Tier 3 · IL5 gold load
Deferred 12–18 mo
Separate program decision on sponsor and pipeline. Not on today's ballot.

Gaps we found and are closing ourselves

The platform is already winning meetings. No client data has ever touched the personal account or the public repository. The sandbox runs on synthetic and fixture data only. Surfacing and closing these before an assessor or client does is the posture.

FindingRiskClose with
Personal AWS account Firm demos and pursuit work on an individual's cloud account. Synthetic data only; no client data present. Closing Ownership transfer scheduled next week (Decision 1 + 4)
Public GitHub IaC Pulumi stack on github.com/clthomps/Kearney-Pulumi outside firm VCS. No secrets or client data in the repo; infrastructure definitions only. Closing Moves to firm repo with firm-wide solution procurement (Decision 1)
Third-party model dependency in Bedrock IAM Proactively reduced supply-chain exposure pending FASCSA clarity on commercial model providers Closed in IaC dependency removed; Nova / AskSage paths; documented remediation
Tier 1 · Approve today · Phase A · synthetic lab governance
Decision 1  ·  CIO + KTG + Cyber
Firm-owned AWS organization and Innovation Lab migration off the personal account

Build labor is underway in-kind on KTG and Cyber overhead: stand up the firm AWS org, migrate the Pulumi stack and demos, and move IaC from public GitHub into firm-governed source control. Ownership transfer off the personal account is scheduled for next week. Decision 4 is the funding gate that puts the cloud bill on firm books (billing ownership, SCPs, audit trail) at the point of transfer. Prerequisite for the CUI pilot account. Overhead: KTG 100 hours, Cyber 50 hours.

Labor in-kind · transfer next week · Decision 4 funds firm billing
Decision 2  ·  CIO + Compliance to enable
Turn on the logging seam from the AI Sandbox into Sentinel

Gives the CIO one pane over a platform that was invisible in GCC High. Additive, non-disruptive. Same pattern for the CUI pilot.

In motion · working session this week
Decision 3  ·  CIO + Compliance to enable
Let employees sign in to the sandbox through Entra

Extends the corporate identity spine the CIO already owns to the innovation environment. Demo and prospect access stays on Cognito, never in Entra.

In motion · working session this week
Decision 4  ·  Growth sponsor + Finance to fund
Fund synthetic lab Opex at $8,000 per month (not-to-exceed)

About $96,000 per year for cloud infrastructure and AI or token usage on synthetic data only. This approval moves lab spend onto firm books at the point of ownership transfer. It is the funding gate for Decision 1, not a separate workstream. Reviewed quarterly. Does not include CUI pilot or IL5.

NTE held by [Cyber Division P&L owner]. Draws against the cap approved by [Finance partner]. Spend reviewed quarterly by [CGO/CFO]. Overage requires re-approval; underage does not roll forward.

Approve today · $96K/yr NTE
Decision 5  ·  Practice leadership · existing 1099 authority
Approve a deliverable-based prototyping 1099 at $100 per hour, as needed

Deliverable-based scope: prototype builds, integration packages, and demo assets, contracted as discrete work products under existing 1099 authority. NTE 80 hours per month to start, NTE 120 during the CUI pilot sprint (Decision 7). Engaged when overhead capacity is saturated. Scope and classification reviewed with counsel before the engagement converts to a billet.

New request · $100/hr NTE
Tier 2 · Charter and fund · Phase B · CUI pilot (CGO priority)
Decision 6  ·  CGO + Cyber + Compliance to charter
Authorize a commercial CUI pilot enclave for client-data demos within 90 days

Dedicated AWS commercial account. TECOM and Navy promoted through the mission gate (IaC rebuild, SBOM, client approval). Named pursuits only; data-type screening before ingest.

New request · growth priority
Decision 7  ·  CGO + Finance to fund
Fund CUI pilot cloud at $7,000 per month and raise 1099 surge for the 90-day sprint

$84,000 per year NTE for pilot cloud and AI. Build labor: KTG 240 hours and Cyber 268 hours on overhead. Raise Decision 5 to 120 hours per month for 90 days where needed (max $12,000 per month at $100/hr). Optional 3PAO is vendor cash when quoted.

New request · $84K/yr + surge
Tier 3 · Aware for later · IL5 gold load (not today)

Accredited DoD hosting on GovCloud or Azure Government is a separate program decision when a sponsor and pipeline justify it. Planning cloud run-rate is on the costing page. It does not block TECOM on client CUI in the commercial pilot.

Today's EVP action: approve Tier 1 (Decisions 1–5), charter and fund Tier 2 (Decisions 6–7), note Tier 3 for planning. Decision 1 build labor is in-kind and the personal-account transfer is scheduled for next week. Decisions 2 (Sentinel) and 3 (Entra) are in working sessions with the CIO shop and KTG. Decision 4 funds firm cloud billing at transfer.

If we do not fund this: firm pursuit work continues on an individual's personal cloud account past the planned transfer window. TECOM and Navy keep running on ungoverned infrastructure. The recurring hosting and MSSP revenue in Tier 3 stays unreachable, because there is no firm-owned, accredited path to put client data anywhere. The platform that is already winning meetings has no governed home.

Context

For the last several months we have run a sandbox where we prototype AI and cyber capabilities, build client demonstrations, and prove what the firm can deliver before we commit a single billable hour. That sandbox produced the TECOM budget-to-readiness demo, our closest win and the template for pursuits like DHS, plus the Navy readiness demo now in front of real clients. It works. The problem is that it currently runs on a personal AWS account, which is the right way to move fast and the wrong way to run a federal firm's platform.

The fix is not to slow the platform down. The fix is to connect what we already have, the firm's CMMC-accredited GCC High environment and the AI Sandbox we built in AWS with this platform, into one governed story: corporate identity in, security telemetry out, and the sandbox on firm-owned cloud instead of a personal account.

The one-line version

Today: GCC High for corporate work and an AWS sandbox for innovation. Firm AWS transfer is scheduled next week; Entra and Sentinel seams are in working sessions. Decision 4 funds firm cloud billing at transfer. Client hosting and the CUI pilot are the next step after Phase A.

What we have today

The firm has two footprints today. Corporate work runs inside a CMMC Level 2 boundary on Microsoft GCC High. Cyber and KTG built a separate AI Sandbox in AWS from the Pulumi stack in this repository: demos, prototyping, Bedrock and SageMaker experimentation, and this site. The sandbox is unaccredited and synthetic-data only. Billing still sits on a personal AWS account until ownership transfer next week (Decision 1).

flowchart LR
    subgraph CMMC["CMMC Level 2 · GCC High"]
        CORP[["Corporate environment
CIO · Entra · M365 G5"]] end subgraph SANDBOX["AI Sandbox · AWS"] LAB[["Pulumi platform
synthetic data · demos"]] DEMO(["Cognito
demo logins"]) end ENTRA(["Entra ID Gov"]) SENTINEL[["Microsoft Sentinel"]] ENTRA --> CORP ENTRA -. sign-in in motion .-> LAB CORP -. logs in motion .-> SENTINEL LAB -. logs in motion .-> SENTINEL LAB --> DEMO
Solid lines are in place today. Dashed lines are underway with the CIO shop and KTG: Entra sign-in to the sandbox and one-way logs into Sentinel. Firm AWS org migration is the third Phase A seam (Decision 1).

Corporate CMMC boundary

Owner: CIO · GCC High

Microsoft G5 on GCC High, managed endpoints, Entra ID for Government, and Sentinel for the firm's security operations. This is the accreditation the firm holds today. Real firm and employee work lives here.

In production

AI Sandbox

Owner: KTG build · Cyber governance

AWS environment from this Pulumi project. Navy, TECOM, AD/CD, and SOAR demos on synthetic data. Outside the CMMC boundary by design. Firm AWS migration and Entra/Sentinel seams are in process with the CIO shop and KTG.

In production · Phase A underway

The sandbox stays outside the CMMC boundary on purpose. Prototyping means constant change, and constant change inside an accredited boundary is what makes an accreditation hard to defend. The sandbox runs on synthetic and fixture data only, with no PII, no real client records, and nothing classified or CUI. When a capability needs real data or a client contract, it promotes out of the sandbox into a governed delivery path, not by growing more inside the personal account.

Why this matters to the firm

This is the difference between a sandbox that quietly grows into a compliance problem and a platform we can sell from with a straight face in front of a federal client or a 3PAO. We name what is real today, wire it to what the firm already owns, and only then grow into client hosting.

Where this goes: one platform, many client enclaves

The sandbox is today's footing. The plan is to extend the same discipline into a platform that hosts client data at federal impact levels and runs security operations for clients, which is where the real growth is. We do that without ever putting client-hosted data into the corporate CMMC boundary. Capability is built in the sandbox on synthetic data and promoted into separate accredited client environments through a controlled gate, never copied across.

flowchart TB
    subgraph DEV["AI Sandbox · unaccredited"]
        direction LR
        LAB[["Pulumi platform
synthetic data only"]] POL[["Security governance
NIST 800-171 baseline"]] end GATE{{"Mission gate
IaC rebuild · SBOM · client approval"}} LAB --> GATE POL --> GATE subgraph HOST["Trust zone: accredited client hosting"] direction TB subgraph TIERS["Impact tiers — separate accreditation each"] direction LR CORP[["Corporate CMMC L2
GCC High · no client data"]] COMM[["Commercial CUI
IL2 · FedRAMP Moderate"]] IL5T[["IL5 gold load
GovCloud · Azure Gov"]] end subgraph TENANT["Per-client stamp-out — dedicated account each"] direction LR CA[["Client A"]] CB[["Client B"]] CN[["Client N"]] end SHARED[("Shared baseline per enclave
Entra · IAM · KMS · segregated logs")] TIERS --> TENANT TENANT --- SHARED end GATE --> COMM GATE --> IL5T SIEM[["Sentinel SIEM / SOC
overwatch and MSSP"]] HOST -. one-way logs .-> SIEM CORP -. one-way logs .-> SIEM IDP(["Entra ID for Government"]) IDP --> LAB IDP --> HOST IDP --> CORP
Target state: development plane feeds the mission gate; client workloads land in tier-specific trust zones and isolated accounts; corporate CMMC stays separate from client hosting; Sentinel collects one-way logs from every zone.

Hosting footprints (future, beyond today's two)

Today is GCC High plus the AI Sandbox. The plan adds accredited hosting footprints for client data: commercial CUI for state and civilian work, and an IL5 gold load for DoD. The corporate CMMC boundary we already hold stays separate from all client hosting. Each hosting footprint is its own accreditation boundary, sharing only operator identity in and one-way logs out with the rest of the firm.

Corporate CMMC L2

Owner: CIO · GCC High

The firm's operating certificate. FedRAMP High and IL4, ITAR-capable. It carries internal firm and employee work, and no client-hosted data ever enters it.

Untouched by hosting

Commercial CUI (low tier)

Owner: Cyber / Compliance

SLED and civilian CUI with no DoD or IC nexus, with the State of Texas as the anchor case. Commercial cloud at a FedRAMP Moderate or TX-RAMP baseline. Low to stand up because we already run commercial.

Low tier

IL5 gold load (high tier)

Owner: Cyber / Compliance

Federal CUI and DoD work at FedRAMP High plus DoD SRG IL5, on AWS GovCloud or Azure Government. Built once, accredited once, stamped out per client. This is the net-new build and the long pole of the program.

High tier · net-new

Data type decides the tier, not the client. A state government is not automatically low-rigor. Criminal-justice data, federal tax information, and health data each carry overlays that sit on top of the base tier. Those overlays are built once, the first time a client needs one, and then reused.

Bridge for growth (CGO priority)

John and the growth team need client CUI in demos before the full hosting business is accredited. The fastest path is a commercial CUI pilot enclave: a dedicated AWS account, promoted TECOM and Navy workloads rebuilt from IaC (not copied from the sandbox), and a pilot authorization package from Cyber and Compliance. That is separate from the synthetic Innovation Lab and separate from the IL5 gold load. Costing and funding asks are in Platform costing and What we are asking for.

Build once, stamp out per client

The IL5 environment is built as code and accredited as a single gold load. The system security plan, the control narratives, and the boundary diagrams are written one time against that baseline, not once per client. Each client then gets a fresh deployment of the same code with its own account, its own keys, and its own network, and it inherits the accredited posture by construction. Only the client-specific delta is assessed. One hard build becomes many client enclaves.

This is hard isolation, not shared tenancy

Every client lands in its own account or subscription, with dedicated keys and no shared data plane. Logs aggregate into the security pane for monitoring but never co-mingle. Hard tenant isolation is the only posture that survives a client assessor asking who else is inside the boundary.

The promotion gate

The flow from the sandbox into a client hosting environment is the most important and most dangerous step in the architecture, because it crosses from an unaccredited synthetic environment into an accredited one. It is a promotion, not a copy. What moves is source code and infrastructure definitions, rebuilt clean inside the accredited baseline. Every capability that crosses gets a security review and an SBOM, and it runs on synthetic data in accredited staging until the client formally approves it for their workload. The sandbox never touches client data, and the client environment never runs unvetted code.

ControlRequirement
1 · Rebuild from IaCOnly source and infrastructure definitions cross the boundary. No images or sandbox artifacts.
2 · Security review + SBOMDependency check and control mapping before anything runs in an accredited enclave.
3 · Client approvalCapability runs on synthetic data in accredited staging until the client authorizes real CUI.

One security capability, two markets

The Sentinel capability we use in GCC High today, extended to sandbox and future client hosting logs, is the same service we would sell to clients as a managed security offering. It pulls one-way logs from every boundary into a single pane, and nothing flows from that pane back into client data. Internal overwatch and the client MSSP are one build serving two markets. Standing this up makes the firm an external service provider under CMMC and the DoD SRG, which is a determination to get in writing, with the operator-eligibility bar settled, before IL5 work is priced or committed.

Out of model: classified and IC work

IL6 and IC classified work runs under a different regime entirely, with a facility clearance, cleared people, and a SCIF. That is a separate multi-year program decided on its own merits if a sponsored requirement appears. It is deliberately not bolted onto the stamp-out model, because forcing it in would break the model for everyone else.

What we still need to confirm

This is the target state, not a finished design. A few load-bearing items still get pinned down before or during the build.

  • Whether we already hold a commercial CUI authorization or are starting from synthetic-only, which sets how fast and how cheaply the low tier comes online.
  • The IL5 sponsorship path, either a DoD sponsor or an inherited cloud-provider authorization, which drives timeline more than the engineering does.
  • The actual data type behind each client, since criminal-justice, tax, or health overlays change the baseline and the cost.
  • Whether any IC requirement is classified or unclassified, which decides whether it is buildable here or belongs in a separate cleared program.
  • A funded line to stand up the gold load before client one, scoped as its own program decision.

CIO single pane over both environments

Decisions 2 and 3 are a CIO win, not a CIO burden. GCC High already has Entra ID for Government and Sentinel. The innovation platform ran outside that visibility on a personal AWS account. Wiring the sandbox into Entra and Sentinel gives the CIO the same governed identity and security spine across corporate and innovation, with one pane over activity that was previously a shadow platform.

The CIO organization is provisioning the firm AWS org with KTG (Decision 1, transfer next week) and governs the shared seams. Cyber and KTG build and sell from the platform; they do not replace enterprise IT. Demo and prospect access stays on Cognito and never enters Entra. That separation is deliberate.

Services this unlocks

The platform is not the product. The product is the menu of federal services it lets us sell. Thirteen core lines are grouped below by when revenue starts: six to win pursuits now, one to hand off after the win, and six recurring lines once hosting and managed security are live. Four companion lines in the revenue breakdown (managed ops, promotion-gate assurance, per-client compliance delta, and IL5 baseline build) sit with hosting and are documented on the costing page.

Tier 1
6
Win pursuits today
  • TECOM budget-to-readiness (closest win; same demo for DHS and similar)
  • Navy readiness intelligence
  • Active defense and live SOC
  • SOAR and financial-system analytics
  • Federal AI workforce training (offered, not under contract)
  • AI assurance and red-teaming
Tier 2
1
First SOW after the win
  • Custom capability prototyping and promotion
Tier 3
6
Recurring at platform scale
  • Accredited hosting (commercial / SLED)
  • Accredited hosting (federal / IL5)
  • Managed SOC (MSSP)
  • Managed endpoint security
  • Cloud and AI authorization support
  • Compliance overlays and intake
Closest win

TECOM budget-to-readiness is the nearest pursuit on this platform: resource dollars traced to unit readiness on synthetic data, with grounded AI shown against naive AI. The same build is the template for civilian budget and readiness buyers (for example DHS components), not a one-off demo. Navy readiness uses the same architecture; workforce training is a service we can sell, with a USMC class proving the format, but no training contract booked yet.

Procurement path: [vehicle, e.g. GSA MAS 54151HACS / OASIS+], estimated [$value], sponsor [name/office], anticipated [solicitation or award window]. Confirm before this line goes to CGO/CFO.

Service line Pipeline Revenue type
Tier 1 · Live in sandbox
TECOM budget-to-readiness intelligence Closest winIn pursuitPursuit / project
Navy readiness decision intelligenceClient-facingPursuit / project
Active defense and live SOCDemo-readyPursuit → MSSP
SOAR and financial-system analyticsDemo-readyCross-sell
Federal AI workforce training OfferedNo contract yetCapability / pursuit
AI assurance and red-teamingDemo-readyAssessment
Tier 2 · After the win
Custom capability prototyping and promotionOn winDesign-build SOW
Tier 3 · Requires hosting (see target state)
Accredited hosting, commercial and SLEDTargetRecurring
Accredited hosting, federal and DoD IL5TargetRecurring
Managed SOC (MSSP)TargetRecurring
Managed endpoint securityTargetRecurring
Cloud and AI authorization supportTargetAdvisory
Compliance overlays and intakeTargetPer-client add-on
Why fund the platform (growth view)

Tier 1 is already in client meetings, led by the TECOM pursuit and repurposable demo stack. Tier 3 is why we ask for enablement and resources in What we are asking for: without firm-owned cloud, Entra, Sentinel, and the CUI pilot enclave, recurring hosting and MSSP stay on paper. Fund now to keep Tier 1 winning; fund through to turn Tier 3 into ARR.

For CGO and CFO review
Full revenue breakdown (13 core + 4 companion lines)

Buyer routing, delivery owner, sandbox proof, platform dependencies, revenue model, and funding linkage for every sellable line, including managed ops, promotion-gate assurance, and per-client accreditation delta.

Open the breakdown →
Explicitly out of scope

Classified and IC IL6 work, client data in corporate GCC High, and slide-only pursuits with no path to hosted or managed delivery.

What this means for growth and delivery

The platform is the working expression of the firm's innovation and growth plan. It is built so that capability becomes demos, demos become qualified pipeline, and pipeline becomes services more than one team can sell and more than one practice can deliver.

For the growth thesis

A win-rate weapon, not a cost center

  • We walk into a competitive federal pursuit with running software instead of slides. Grounded AI next to naive AI, a live SOC working an incident, budget traced to readiness on the client's own kind of mission data.
  • It opens buying centers across the federal base we are not fully selling into today: CISOs, budget and readiness shops, AI program offices, and authorizing officials. One platform feeds several practices.
  • It is the proof the capability model works across territories, so the growth conversation moves from funding people to funding an organization that scales.
  • The hosting model is build once, sell many. We accredit a single IL5 gold load and stamp out an isolated enclave per client, so each new client is a deployment rather than a fresh accreditation. That turns a one-time build into recurring hosting and managed-security revenue across the federal base.
For the delivery organization

De-risked work, protected margin

  • The sandbox protects the firm. Rapid prototyping stays outside the CMMC boundary on synthetic data, so we move fast without destabilizing the accreditation or touching client data.
  • Delivery only picks up work that is already proven, scoped, and demoed to the client. That is lower delivery risk and higher win confidence than starting a pursuit cold.
  • The demos and platform components are reusable across engagements, so we rebuild less on every pursuit and protect delivery margin.
  • The promotion gate gives delivery clean, audited provenance. Capability is rebuilt from source inside the accredited boundary, never copied, so what runs on client data has a record that survives an OIG or a client assessor.
The handoff that protects everyone

The sandbox carries the build and the risk. KTG and the territories receive mature, repeatable, billable work when a client is ready, not half-finished prototypes. Growth is not capped by the small bench that prototypes, and delivery is not loaded with unproven work. That handoff is the design.

Platform costing

Three budget lines on the roadmap, not three environments today. The firm runs two footprints now (GCC High and the synthetic lab). Phase B adds a commercial CUI pilot for client-data demos. IL5 accredited hosting is a separate future investment. The Innovation Lab stays synthetic throughout.

Footprint Purpose KTG / Cyber overhead Cash (monthly NTE)
Innovation Lab (synthetic) Demos and prototyping on fixture data only 160 / 90 hrs $8K/mo cloud + AI
CUI pilot enclave Client CUI demos; TECOM and Navy promoted from IaC 240 / 268 hrs + 1099 surge $7K/mo cloud + AI
IL5 gold load (future) Accredited DoD hosting Future overhead program $15K–$25K/mo cloud (planning)

Overhead hours are planning NTE for KTG and Cyber capacity (first number KTG, second Cyber). Compliance SSP and intake sit on separate overhead, not in those totals. Decision 5 1099 covers shortfalls; Decision 7 raises that NTE during the pilot sprint. Full hour breakdown is on the costing page.

For CGO and CFO review
Full platform costing and assumptions

Line-item cloud run-rates, labor model, and 1099 surge for the synthetic lab, CUI pilot, and IL5 planning ranges.

Open costing detail →

Anticipated questions

Why is the prototyping environment outside our CMMC boundary? Isn't that a risk?

It is the opposite of a risk, and it is the part worth getting right. CMMC Level 2 is a credential the firm earns so we can handle CUI and compete for DoD work. Everything inside that boundary is held to a fixed, audited control set, and every change inside it is a change to our assessed posture. Prototyping is constant change. Putting it inside the boundary would make our accreditation unstable and harder to defend. The sandbox runs on synthetic data only, so there is nothing in it that needs the boundary. Real data promotes into separate accredited client hosting when we are ready, not by expanding the personal AWS account. We are protecting the accreditation, not avoiding it.

What does the CIO organization gain from this?

Visibility and control over a platform that was running on a personal AWS account outside GCC High. Decisions 2 and 3 extend Entra and Sentinel into the innovation environment. Decision 1 build labor is in-kind; ownership transfer off the personal account is scheduled for next week, with Decision 4 funding firm cloud billing at transfer. The CIO governs the shared infrastructure; Cyber and KTG build and sell from the platform.

Why did we remove Anthropic from the sandbox?

As a precaution against supply-chain exposure under FASCSA, we removed the third-party model ARNs from Bedrock IAM, moved inference to Nova and AskSage paths, and documented the change in IaC and remediation notes. That is the same discipline we apply to the personal-account and public-GitHub findings: find it ourselves, fix it in code, show the record.

Do we need a vendor to do this, or Active Directory stood up inside AWS?

No to both for the two pieces we are asking for. The logging seam and the identity federation are well-understood, supported integrations between our existing Microsoft and AWS footprints. They do not require Active Directory inside AWS, and they do not require us to hand the build to an outside vendor. We can stand up the seams with our own people, validated on our own accounts first.

Does hosting client data put our CMMC accreditation at risk?

No, and the architecture is built specifically to keep it that way. No client-hosted data ever enters the corporate CMMC boundary. Client CUI and DoD data live in separate accredited footprints, commercial cloud for the low tier and an IL5 gold load for the high tier, that share only two thin seams with everything else, operator identity in and one-way logs out. The corporate certificate stays slow, documented, and defensible while the client work moves fast somewhere else.

What is the IL5 gold load, and why build it once?

IL5 is the Defense Department's bar for hosting its sensitive but unclassified data. It runs only on AWS GovCloud or Azure Government and carries FedRAMP High plus the DoD security requirements guide. We build and accredit that environment one time, as code, then stamp out an isolated enclave per client from the same baseline. Each client inherits the accredited posture by construction, and only the client-specific delta gets assessed. One hard, expensive build becomes many client enclaves, which is what makes the economics work.

If clients share the platform, who else is in my boundary?

No one. This is hard isolation, not shared tenancy. Each client gets its own cloud account or subscription, its own encryption keys, and its own data plane. Logs aggregate into one security pane so we can monitor everything, but client data never co-mingles. That is the only posture that holds up when a client's own assessor asks who else is inside the boundary.

What about classified or IC work?

It is out of this model on purpose. Classified and IC work needs a facility clearance, cleared people, and a SCIF, which is a separate multi-year program with its own go or no-go decision. Bolting it onto the stamp-out model would break the model for every other client. If a real sponsored requirement appears, it gets evaluated on its own merits, not assumed into this plan.

What protects us if synthetic data quietly turns into real data in the sandbox?

Three things working together: an approved-source list for what is allowed in, monitoring that watches the sandbox through the same security pane as GCC High, and a written policy that makes real or CUI data entering the sandbox the trigger to move that workload into governed client hosting. The logging seam we are asking for today is part of what makes that enforceable, because it gives us visibility we do not fully have while the platform runs on a personal account.

What does a yes today actually commit the firm to?

Tier 1: $180K per year total cloud NTE ($96K lab + $84K pilot), 1099 surge authority, firm AWS transfer next week (build labor in-kind), Sentinel and Entra seams in working sessions, and Decision 4 funding firm billing at transfer. Tier 2: CUI pilot charter and 90-day sprint. Tier 3 (IL5) is noted for planning only. No new billets in this packet.

How real is the revenue behind this?

Real enough that it is already in front of clients. The closest win is TECOM: the resource-to-readiness demo on this platform maps budget to readiness on synthetic data and is built to repurpose for other budget and mission buyers (including DHS-style civilian shops), not only the Marine Corps customer. Navy readiness runs on the same stack and has put us in front of a real customer. Federal AI workforce training is on the menu and we delivered a USMC financial-management class to prove the format, but we do not have a training contract yet. Governing the platform now protects pursuits that are already live.

How does this scale beyond the handful of people who built it?

The sandbox is where new capability is born and proven. Once a capability is solid and a client is ready, repeatable delivery hands off to KTG and the territories, who staff it as normal billable work. Growth is not capped by the small bench that prototypes. That handoff is the design, and it is what lets the firm sell more of this than any single team could ever deliver on its own.

How is this different from what competitors put in front of the same clients?

We bring working software to the table. A federal client can watch grounded AI run next to naive AI on their own kind of mission data, watch a live security operations console catch and work an incident, and see budget decisions traced to readiness, all before they sign anything. Most of the field brings slides and promises. Showing the capability run is the difference in a competitive capture, and it is the difference we have already used to get in front of the Navy.

Does this add delivery load or risk to the services organization?

Not up front. The prototyping lives in the sandbox on synthetic data, outside the CMMC boundary, so it does not pull delivery staff or destabilize our accreditation. Delivery picks up work only once it is mature, scoped, and already demoed to the client, which lowers risk on the pursuit. The platform components are reusable across engagements, so we rebuild less and protect margin on the work that lands.

Why is the CUI pilot separate from the sandbox and from IL5?

The sandbox must stay synthetic so we can change fast without touching CMMC. Client CUI needs an accredited boundary, but IL5 is a 12-to-18-month gold-load program, not what John needs to win TECOM this quarter. A commercial CUI pilot on AWS is the bridge: promoted demos, hard account isolation, pilot authorization, and a path to full hosting later. Real data never lands in the synthetic sandbox or in GCC High.

Why a contractor and not a full-time hire?

Because the load is variable right now. A 1099 on deliverable-based scope at $100 an hour lets us contract discrete prototype and integration work products as the pipeline calls for them, without committing a billet before the work is steady. It runs under the firm's existing 1099 authority, so it is a fast approval rather than a new budget line. Scope and classification are reviewed with counsel, and the work moves to a billet once it is steady enough to justify one. That keeps firm risk low while the platform proves demand.