GSA ponders special item number for CDM tools on the schedule

The General Services Administration is proposing a new service to the IT Schedule 70 contracts for continuous diagnostic and mitigation services (CDM) tools.

The proposed special item number (SIN) will provide a new approach to protecting the cyber infrastructure of the civilian .gov network environment. Officials consider the CDM tools a shift from historical compliance reporting to dealing with network threats in real-time. The tools would gather system attributes to determine the current state of the network. The tools would track who and what are on the network, how it is protected, and what is happening on the network, according to a new request for information

The CDM tools SIN is based on a 30-day cybersecurity sprint in 2015, which birthed the Cybersecurity Strategy Implementation Plan.

Current CDM blanket purchase agreements that provide information security continuous monitoring are set to expire in August 2018. The new SIN would replace those BPAs.

The CDM program will offer federal agencies, as well as state, local, regional, and tribal agencies, enhancements and further automation of existing continuous network monitoring and analysis of critical security-related information.

Under the newly released RFI, GSA and Homeland Security Department are asking industry and stakeholders for feedback on the proposed tools, and they want to know how companies are currently selling similar CDM tools through IT Schedule 70 contracts.

GSA released its RFI March 22. Responses are due by April 5.