WT Business Beat

By Nick Wakeman

Blog archive
Nick Wakeman

What we know and don't know about the $6B CDM contract

I don’t usually start with a rant, but the Homeland Security Department has done a poor job in getting the word out about a $6 billion contract that they claim will be a game changer for how agencies buy cybersecurity products and services.

The 17 winners of the DHS Continuous Diagnostics and Mitigation contract apparently were notified late Monday afternoon. Jason Miller at FederalNewsRadio broke that news.

As I and other reporters chased the story on Tuesday, companies on the list were active reaching out with interviews offers and statements about what a great win this is.

But DHS was only about 12 hours behind the rest of the world in putting out any news on it, and it still lacks an official list of winners.

Technically, the contracts are blanket purchase agreements issued for DHS by the General Services Administration, but calls to GSA were redirected to DHS. And then, when I spoke to the DHS spokesman, he wanted to know who gave me his number.

Dude, it’s your job.

I'm frustrated because this contract is important, and is a real opportunity for the government to change how it buys the products and services it needs to secure its networks.

Here’s what it can do:

  • Lower costs by giving agencies a vehicle that makes it easier to take an enterprise view of network security.
  • Promotes consolidation and standardization of network security.
  • Allows for a more risk-based approach to cybersecurity.
  • Provides near real-time monitoring of networks, which will allow better decision making and a more proactive approach to cybersecurity.

Here are some more specifics:

The contract can be used to buy sensors for hardware asset management and software asset management and whitelisting. It can be used for vulnerability management, compliance setting management and the contract will feed dashboards with data about security flaws and risks. All of this can be done in an automated and continuously updated dashboard.

The contract is big on dashboards because of how they help collect and synthesize information for better decision making. The information feeding these dashboards will be near real-time, and will make it easier for network operators to prioritize and mitigate risk.

The contract is open to all federal civilian agencies, tribal governments and state and local governments.

For the 17 winners, the contract should be a terrific sales vehicle for selling their products, services and a variety of solutions.

But the emphasis in that sentence is definitely on the word “should”; on paper, it all looks great, and there is definitely the need for the CDM contract, but here is the big "what we don’t know": Yes, it is a great vehicle, but will agencies use it? And if they do, will they take advantage of some of its more compelling features, such as buying these tools via a cloud-based service?

What I’ve always been told about cybersecurity is that agencies don’t buy it as a standalone feature; it is part of a broader implementation. So, how does CDM fit traditional buying patterns?

Does anyone remember the iAssure contract let by the Defense Information Systems Agency? It had a $1.5 billion ceiling, and was won by 11 companies in 2000. It never lived up to expectations, and was allowed to quietly expire. Other contracts filled the need.

Will the same happen to CDM? Probably not, but the potential is there. A vehicle like this needs marketing and promotion, and not just by the winning contractors; DHS should have been out there front and center with these awards. It's a missed opportunity to show its leadership.

Posted by Nick Wakeman on Aug 14, 2013 at 1:29 PM


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close
SEARCH
 Top 100 Slideshow
contracts DB

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Read More

  • Is SBA MIA on contractor fraud? Nick Wakeman

    Editor Nick Wakeman explores the puzzle of why SBA has been so silent on the latest contractor fraud scandal when it has been so quick to act in other cases. Read More

Webcasts