In one of the largest U.S. procurement contracts this year, four federal agencies have ordered enterprise-wide cyber security systems for government and civilian networks. If all five years of the contract are funded, the deal will generate $6 billion among 17 suppliers.
The contract stems from the Continuous Diagnostics and Mitigation (CDM) program, which provides specialized information technology and CMaaS (continuous monitoring as a service) capabilities to civilian networks that use the “.gov” suffix. The program will monitor networks in real time, conducting, for example, as many as 80 billion security checks every three days among other actions, to detect and defeat cyber threats. Data from the systems will be summarized on special software operated by the Department of Homeland Security (DHS) and used to identify security problems.
The CDM program is significant in that it moves away from traditional compliance reporting and toward combating threats on a real-time basis. As such, it represents an awareness of and intent to defeat cyber attacks from hackers, criminal groups and other countries.
The U.S. General Services Administration (GSA) awarded the contract, along with the Federal Acquisition Service, Assisted Acquisition Services and the Federal Systems Integration and Management Center. Agencies that have signed up for it include DHS, which is spending $185 million to activate the first of three phases in the CDM program.
The Defense Department hasn’t agreed to use the system, at least not yet. According to some sources, the defense industrial base—i.e., contractors and their suppliers—will have the option of CDM coverage.