Jul
17

CGI takes $500M CDM cyber services order

From: Washington Technology

By Ross Wilkers

CGI Federal has won a task order with a potential value of at least $500 million for cybersecurity services to five federal agencies under the government-wide Continuous Diagnostics and Mitigation Program.

This order covers tools and services for departments of Commerce, Justice, Labor and State; plus the U.S. Agency for International Development. Those are “Group C” agencies under the larger $3.4 billion CDM DEFEND umbrella program run by the Homeland Security Department.

Read Complete Article

Jul
16

DHS’ governmentwide cyber initiative makes over $1B in contract awards in the last month

From: Federal News Radio

By Jason Miller

The Nuclear Regulatory Commission’s implementation of phase one of the continuous diagnostics and mitigation (CDM) program fell behind schedule by as much as nine months.

In June, the agency issued a sole source justification authority to continue to pay Enterprise Services— formerly HP Enterprise Services — $389,000 for another year of work on phase one.

Read Complete Article

Jul
03

Commerce CIO Turk would like the IC’s help securing the 2020 census

From: FedScoop

WRITTEN BY 

***

The CIO added that his team is also leveraging the Department of Homeland Security’s Continuous Diagnostic and Mitigation program both as a shared service provider across the Commerce Department’s disparate systems, but also to look for possible supply chain vulnerabilities that could affect its networks when new technology is on-boarded.

“Census has used that significantly, that supply chain effort, and we have in fact found things. I’ll just leave it at that,” he said.

Read Complete Article

Jun
22

DISA takes the lead in continuous monitoring clearance tech

From: FCW

By Lauren C. Williams

The Defense Information Systems Agency is spearheading a continuous monitoring solution that it hopes will virtually eliminate the reinvestigation process for security clearance holders and reduce the backlog of more than 700,000 cases.

“Fundamentally, the National Background Investigation System is designed to replace and modernize the existing systems that were being operated by OPM,” Terry Carpenter, DISA’s services development executive and acting program executive officer for NBIS, told FCW. “The solution is to automate … it’s about modernizing the process, not just building a more secure system.”

Read Complete Article

Jun
13

New CDM contract awards worth $1B coming this month

From: FedScoop

The Department of Homeland Security will award cybersecurity contracts worth $1 billion this month, as its Continuous Diagnostics and Mitigation program prepares to expand the services it offers federal agencies,

The contracts will be part of CDM’s Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program. CDM Program Manager Kevin Cox said Wednesday that his office was looking to award contract task orders for agencies in Groups C and E this month, followed by a July award for Group D.

Read Complete Article

Jun
13

Reclamation bolstering hydro project cybersecurity with pair of contract awards

From: HydroWorld.com

The U.S. Department of the Interior has awarded five-year contracts to Booz Allen Hamilton and Spry Methods for cyber security management services at more than 600 dams under the Bureau of Reclamation’s authority.

The indefinite-delivery, indefinite-quantity contracts are each worth $45 million and cover the Department of Homeland Security’s stipulations for continuous diagnostics and mitigation.

Read Complete Article

Jun
12

Inspector general: 2 US dams at risk of ‘insider threats’

From: Associated Press

SACRAMENTO, Calif. (AP) — Two dams critical to U.S. national security are at high risk for “insider threats” that could impair operations because of poor computer security practices such as too many employees having access to administrator accounts and failures to routinely change passwords, according to a new inspector general report.

An evaluation released Monday by the U.S. Department of the Interior doesn’t name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns. But they are among five dams operated by the U.S. Bureau of Reclamation that are considered “critical infrastructure,” meaning their destruction or impairment could hurt national security. Those five dams are Shasta and Folsom Dams in California, Glen Canyon Dam in Arizona, Grand Coulee Dam in Washington and Hoover Dam, which straddles Nevada and Arizona.

Jun
05

Making CDM work

From: FCW

By Chase Gunter

The Continuous Diagnostics and Mitigation program at the Department of Homeland Security has retooled in recent task orders to give voice to complaints that agencies didn’t have enough say in the acquisition and implementation process. FCW caught up with Jim Quinn, lead systems engineer for CDM, on the sidelines of a May 31 industry event to talk about how that learning curve played out in real time, from the program’s inception to the present. This interview has been edited and condensed for clarity.

May
30

According to OMB, 3 out of 4 agencies is risking cyber attack

From: FCW

By Derek B. Johnson

Approximately three out of four federal agencies are at significant risk from cyber attackers, according to a May 2018 report from the Office of Management and Budget.

***

Agencies also lack a standardized set of cybersecurity tools – something the government hopes to address through programs like Continuous Diagnostics and Mitigation. CDM is designed to scan federal networks, quickly identify unauthorized users or programs and kick them off. However, the program has been beset by numerous implementation delays over the years. Most agencies are still in Phase 1, which focuses on identifying what’s on the network; DHS is hoping that a re-tooled contracting process will help the program better gel with agency needs and priorities.

May
24

CDM acquisition gets simpler

From: FCW

By Mark Rockwell

The General Services Administration is making cybersecurity services simpler for federal acquisition professionals to order via a special item number on the Schedule 70 IT acquisition vehicle.

The SIN consolidates and categorizes product offerings under the Continuous Diagnostics and Mitigation program into product families that make them easier to find in the thousands of offerings on the schedule. Roughly 30,000 different tools — approximately half of the full CDM approved products list — are available via the SIN, Larry Hale, director of the IT security subcategory for GSA’s Federal Acquisition Service, said on the sidelines of an FCW industry event. Those products contract currently are offered via eight systems integrators, Hale said, noting that he is eager to add more contractors.

Older posts «