New CDM contract awards worth $1B coming this month
The Department of Homeland Security will award cybersecurity contracts worth $1 billion this month, as its Continuous Diagnostics and Mitigation program prepares to expand the services it offers federal agencies.
The contracts will be part of CDM’s Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program. CDM Program Manager Kevin Cox said Wednesday that his office was looking to award contract task orders for agencies in Groups C and E this month, followed by a July award for Group D.
“Working with [the General Services Administration], we expect it in the next few weeks,” he said at the Forcepoint Cybersecurity Leadership Forum produced by CyberScoop and FedScoop.
The task orders, supplied through the GSA Alliant contract vehicle, will provide for increased cybersecurity services and more flexibility for federal agencies to tailor specific solutions that they can deploy to safeguard their networks, especially with the original CDM contracts expiring at the end of the year.
“We wanted to make sure that the new task orders we awarded had significant runway to be able to handle a whole lot of different actions in support of future phases,” Cox said. “We can now run a lot of different things in parallel. We can run cloud security efforts, mobile security efforts, we can work and support agencies in implementing network access control, certificate management, et cetera.”
CDM previously awarded its $621-million Group B contract to Booz Allen Hamilton in February, followed by a $407-million Group A contract to CACI International last week.
The task orders for Groups C and E are expected to be more than $500 million apiece, while Group D is expected to run more than $850 million. Each feature a base year contract with six option years. The estimated total cost of the DEFEND contracts, which include six groups, is thought to be around $3.4 billion.
Cox said the program was also progressing with its plans to integrate the Chief Financial Officer Act agencies into a system of dashboards reporting data to its overall federal dashboard this month.
“Today, we have 20 of the 23 civilian CFO-Act agencies reporting up to the federal dashboard,” he said. “The remaining three we expect to have up in June and July. So what that gives us is the visibility of all of the civilian assets in near real-time. It also gives us an understanding of what their vulnerability posture is and how their systems are configured.”
That visibility provides CDM with insight into what the agency networks look like for the first time, Cox said, giving the program more agility to provide cybersecurity support.
The support represents CDM movement into Phase 4 of its task areas, where Cox said the program hopes to address data protections, whereas Phases 1, 2 and 3 addressed program management, dashboards and support and filling capability gaps.
“We want to make sure the data itself, no matter where it is, is protected, the agencies have awareness of it and they know who has access to it,” he said.
The overall goal is to not only to provide DHS with visibility of federal agency networks, but to also provide them with cybersecurity services they may not have previously been able to procure.
“Not only are we bringing funding to the conversation,” Cox said. “But also with the help of the task order system integrators, bringing support to the agency engineers and operational folks to get solutions in place.”