Action Kit: Australia's Ghost Bat MQ-28A Expansion

Event Type: Contract Vehicle | Severity: MEDIUM

Focus Areas: International Defense Collaboration, Unmanned Combat Systems, FMS/DCS Opportunities

---

Immediate Actions (This Week)

• [ ] Review your ITAR (International Traffic in Arms Regulations) registration status and ensure your company is registered with DDTC if pursuing international defense opportunities. Verify registration is current and covers unmanned aerial systems (Category VIII).
• [ ] Audit current CMMC (Cybersecurity Maturity Model Certification) compliance posture against CMMC Level 2 requirements. Australia FMS programs require U.S. contractors to demonstrate cybersecurity maturity for CUI (Controlled Unclassified Information) handling.
• [ ] Identify teaming partners in your network with existing Boeing Defence Australia relationships or prior Ghost Bat program involvement. Document past performance on collaborative combat aircraft or autonomous systems.
• [ ] Search SAM.gov (System for Award Management) for active solicitations matching NAICS 336411 (Aircraft Manufacturing), 336413 (Other Aircraft Parts), and 541712 (R&D in Defense) with keywords: "unmanned," "autonomous," "collaborative combat," "loyal wingman."
• [ ] Flag your business development pipeline for opportunities involving RAAF, Australian Defence Force, or Foreign Military Sales vehicles. Prioritize opportunities with delivery timelines aligning with the 2028 operational target.

Short-Term Actions (30 Days)

• [ ] Conduct a capabilities gap analysis comparing your technical offerings against Ghost Bat program requirements: AI-enabled autonomy, sensor fusion, datalink systems, modular payload integration, and low-observable design.
• [ ] Develop an FMS/DCS market entry strategy targeting allied nations with similar collaborative combat aircraft needs (UK, Japan, South Korea, NATO partners). Research their defense procurement cycles and U.S. cooperation agreements.
• ] **Establish NIST 800-171 (NIST Special Publication 800-171) compliance documentation** for all systems handling Controlled Unclassified Information related to unmanned systems. Complete self-assessment and remediation plan for any gaps identified. Reference our [CMMC Compliance Guide (/insights/cmmc-compliance-guide) for implementation frameworks.
• [ ] Engage with Defense Security Cooperation Agency (DSCA) through your contracting officer or business development channels to understand upcoming FMS cases in the unmanned systems domain.
• [ ] Update your capability statements and past performance narratives to emphasize: international collaboration experience, unmanned systems integration, autonomous platform development, and allied nation partnership success stories.
• [ ] Review Export Administration Regulations (EAR) applicability for any dual-use technologies in your product portfolio that could support Ghost Bat-adjacent programs.

Long-Term Actions (90+ Days)

• [ ] Pursue strategic partnerships with Tier 1 defense primes (Boeing, Northrop Grumman, General Atomics) working on collaborative combat aircraft programs. Position your firm as a specialized subcontractor for autonomy software, mission systems, or ground control stations.
• [ ] Invest in R&D for next-generation unmanned teaming technologies: swarm coordination algorithms, AI decision-making under contested environments, secure datalinks resistant to electronic warfare, and human-machine interface innovations.
• [ ] Build a dedicated FMS capture team with expertise in international defense sales, ITAR compliance, and allied nation procurement processes. Consider hiring personnel with prior DSCA or Air Force Security Assistance experience.
• ] **Achieve CMMC Level 2 certification** (or higher if pursuing classified programs) to position your firm competitively for future Ghost Bat follow-ons and related unmanned combat system contracts. See our [CUI-Safe CRM Guide (/insights/cui-safe-crm-guide) for protecting sensitive procurement data.
• [ ] Develop white papers and technical demonstrations showcasing your firm's contributions to autonomous systems, collaborative combat concepts, or unmanned platform integration. Present at industry forums like AUVSI XPONENTIAL or Air Force Association conferences.
• [ ] Monitor Australian Defence Force procurement channels and establish relationships with Australian industry partners who can serve as local teaming partners for Direct Commercial Sales opportunities.

---

Compliance Checklist

This event triggers multiple export control and cybersecurity compliance requirements for U.S. contractors pursuing related opportunities:

ITAR (International Traffic in Arms Regulations)

• [ ] DDTC Registration: Verify current registration with Directorate of Defense Trade Controls for defense articles and services.
• [ ] Technical Data Controls: Implement procedures preventing unauthorized export of technical data related to unmanned combat systems (USML Category VIII).
• [ ] Foreign Person Access: Establish Technology Control Plans (TCP) restricting foreign national access to ITAR-controlled information.
• [ ] Export Licenses: Understand when Technical Assistance Agreements (TAA) or Manufacturing License Agreements (MLA) are required for Australian collaboration.

CMMC & NIST 800-171

• [ ] CUI Identification: Map all Controlled Unclassified Information flows related to unmanned systems programs.
• [ ] Access Controls (AC family): Implement least-privilege access for systems storing Ghost Bat-related technical data.
• [ ] Incident Response (IR family): Establish procedures for reporting cyber incidents involving FMS program data within 72 hours per DFARS (Defense Federal Acquisition Regulation Supplement) 252.204-7012.
• [ ] System and Communications Protection (SC family): Encrypt CUI at rest and in transit using FIPS 140-2 validated cryptography.
• [ ] Self-Assessment: Complete NIST 800-171 self-assessment and document System Security Plan (SSP) and Plan of Action & Milestones (POA&M).

DFARS 252.204-7012 (Safeguarding Covered Defense Information)

• [ ] Adequate Security: Demonstrate implementation of all 110 NIST 800-171 controls (or document approved compensating controls).
• [ ] Cyber Incident Reporting: Establish 72-hour reporting procedures to DoD (Department of Defense) and preserve forensic evidence for 90 days.
• [ ] Flow-Down Requirements: Ensure subcontractors handling CUI accept DFARS 252.204-7012 clause and maintain equivalent security.
• [ ] Malicious Software Reporting: Report malicious software discovered on covered contractor information systems within 24 hours.

Export Administration Regulations (EAR)

• [ ] ECCN Classification: Determine Export Control Classification Numbers for any dual-use items (e.g., commercial sensors, processors, software).
• [ ] License Exceptions: Verify whether License Exception STA (Strategic Trade Authorization) applies for exports to Australia (a NATO ally).
• [ ] Deemed Exports: Control access by foreign nationals to EAR-controlled technology within U.S. facilities.

Additional FMS-Specific Requirements

• [ ] Buy American Act Compliance: Understand domestic content requirements for FMS cases (typically requires >50% U.S. origin components).
• [ ] Cost and Pricing Data: Prepare for Truth in Negotiations Act (TINA) requirements if pursuing prime contracts exceeding $2 million.
• [ ] Quality Assurance: Implement AS9100 or equivalent quality management systems for aerospace manufacturing.

---

Resources

Regulatory Guidance

• ITAR Regulations (22 CFR 120-130) (https://www.ecfr.gov/current/title-22/chapter-I/subchapter-M) — Complete text of International Traffic in Arms Regulations
• NIST SP 800-171 (NIST Special Publication 800-171) Rev 2 (https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) — Protecting Controlled Unclassified Information in Nonfederal Systems
• DFARS 252.204-7012 (https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting) — Safeguarding Covered Defense Information clause
• EAR Part 740 License Exceptions (https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-740) — Export Administration Regulations license exceptions

Agency Resources

• Defense Security Cooperation Agency (DSCA) (https://www.dsca.mil/) — Foreign Military Sales program office
• CMMC Accreditation Body (https://www.cmmcab.org/) — Cybersecurity Maturity Model Certification program information
• SAM.gov (https://sam.gov/) — Federal procurement opportunities database
• Winning Federal Contracts Guide (/insights/winning-federal-contracts) — Comprehensive strategies for government contracting success

Industry Intelligence

• Air Force Life Cycle Management Center (https://www.aflcmc.af.mil/) — Manages unmanned systems acquisition programs
• Boeing Defence Australia (https://www.boeing.com.au/) — Prime contractor for Ghost Bat program
• Australian Department of Defence (https://www.defence.gov.au/) — Procurement policies and industry engagement opportunities

---

How Cabrillo Club Automates This

Cabrillo Signals War Room has already detected this Ghost Bat expansion announcement and delivered this briefing to your dashboard within minutes of the official release. The War Room continuously monitors international defense news, FMS case notifications, allied nation procurement announcements, and DoD policy updates so you never miss developments affecting your market position. For this event specifically, War Room cross-referenced the AUS$754 million contract value against historical Ghost Bat tranches, identified the seven affected NAICS codes, and flagged the 2028 operational timeline as a critical planning milestone for your capture calendar.

Cabrillo Signals Match Engine automatically rescored your entire opportunity pipeline the moment this event was detected. Any open opportunities tagged with NAICS 336411 (Aircraft Manufacturing), 541712 (Defense R&D), or keywords like "unmanned aerial systems," "collaborative combat," or "autonomous platforms" received updated match scores reflecting the heightened market activity in this domain. If you're tracking Boeing or RAAF-related opportunities, those scores adjusted to account for increased competitive intensity and the validated demand signal this $534M order represents.

Cabrillo Signals Intelligence Hub has tagged this event with the relevant contract vehicles (FMS, DCS), agencies (DOD, Air Force, DSCA), and compliance surfaces (ITAR, CMMC, NIST 800-171). Use the saved search feature to create persistent alerts for follow-on solicitations matching this profile—set filters for NAICS 336411/336413/541712, keywords "Ghost Bat OR collaborative combat OR loyal wingman," and agency "Air Force OR DSCA." You'll receive automatic notifications when related RFIs, sources sought notices, or contract awards appear on SAM.gov, giving you first-mover advantage on emerging opportunities.

Proposal Studio (Proposal OS) can accelerate your response to Ghost Bat-adjacent solicitations by generating compliance matrices mapped to ITAR, CMMC Level 2, and DFARS 252.204-7012 requirements automatically. When you upload an RFP for an unmanned systems program, Proposal OS extracts compliance requirements, cross-references your existing certifications and past performance database, and flags gaps requiring attention. The AI-powered technical approach generator can draft initial sections covering autonomous systems integration, international collaboration frameworks, and cybersecurity architectures using your firm's historical win themes and lessons learned from similar programs.

Proposal Studio Workflow Tracker provides 9-gate capture management specifically designed for complex international defense opportunities like FMS programs. When you designate an opportunity as FMS-related, Workflow Tracker automatically routes ITAR compliance reviews to your trade compliance team, triggers subcontractor certification checks (ensuring they meet NIST 800-171 requirements), and generates audit-ready documentation packages for DCAA reviews. The system tracks supplier security questionnaires, foreign ownership disclosures, and export license applications through approval workflows, ensuring nothing falls through the cracks during your 60-90 day proposal development cycle.

Ready to leverage these capabilities? Explore your Signals War Room dashboard to see how many Ghost Bat-related opportunities are already in your pipeline, or visit the Intelligence Hub to configure saved searches for the next wave of collaborative combat aircraft solicitations.

---