CISA sketches out timeline for incident response, threat hunting contract
Gettyimages.com / Asbe
By
Ross Wilkers
The Cybersecurity and Infrastructure Agency is seeking an industry partner to help deploy, develop and maintain technologies used by its threat hunting office.
The Cybersecurity and Infrastructure Agency has given industry a rough timeline of its plan to award a contract for incident response and proactive threat hunting support.
CISA is estimating the final solicitation release date as on or around May 1, 2027, with an award to follow in the third quarter of calendar year 2027, the agency said in a Monday notice to DHS’ Acquisition Planning Forecast System.
CISA plans to use the General Services Administration’s Schedule in awarding the contract, of which the ceiling value is currently estimated as north of $100 million.
The Cyber Technology Services contract is being set up to cover functions such as IT architecture, IT development operations, IT security operations, and operations-and-maintenance.
A draft performance of work released in May describes CISA’s need for an industry partner to help deploy, develop and maintain cyber technologies used by the agency’s threat hunting office.
CISA also is seeking help in areas such as vulnerability management, security assessments, cloud engineering, implementation of the DevSecOps software development practice, continuous monitoring and software development support.
This is a brand new requirement with no incumbent.