General Information Company Information Create My Account

Free 5-day trial.

Once you sign-up, you can add 4 additional team members within your EZGovOpps Portal. If you have a team member that already has an EZGovOpps account, ask them to get add you. If you sign-up for your own trial you will not be able to experience the extensive collaboration tools that are available within EZGovOpps.

First name:

Last name:

Title:

Email:

Phone:

Company Information

Company:


Primary NAICS:


Postal Code:


Employees:

How did you hear about EZGovOpps?:
If your selection has a * symbol,please
share more details as to your selected choice


Do you have a unique socio economic status?:
Small Business
Total Small Business
Hubzone
WOSB
8(a)
Emerging Small Business
VOSB
SDVOSB
Economically Disadvantaged WOSB


Is your company registered with the Federal Government (Sam.gov)?:
Yes
No
Not Sure

Create Account

Referred By:



Your trial will expire at Midnight on .



Email me EZGovOpps Updates and Events
Subscribe to receive GovEvents
I agree to the EZGovOpps Terms of Service
    Terms and Conditions

Congratulations! Your 5-Day free trial awaits.

Your activation email should arrive in a few minutes.
If you don't see it, please check Spam/Clutter.

Step 1) Validate Sign-Up via Email Step 2) Login to EZGovOpps Step 3) Experience EZGovOpps free!
Need assistance? EZGovOpps Ultimate Member Support can be reached by email at support@ezgovopps.com

Schedule a personalized demo to enhance your evalution.

EZGovOpps Member Portal Secure Log In

Enter your email address and we will send you password reset instructions.

Get started with your free 5 day trial.

GSA requests info for CDM SIN on Sched 70

CDM DHS

A DHS briefing on real-time cybersecurity monitoring (DHS via Flickr)

CDM SIN- EZGovOpps has covered the latest Special Item Numbers (SINs) added to IT Schedule 70 including the HACS cybersecurity SIN, a new Health IT SIN, and a proposed “Earth Observation Solutions” SIN for GIS-related products and services. Now, GSA has released a Request for Information (RFI) to gather input on a possible SIN for Continuous Diagnostics and Mitigation (CDM), real-time cybersecurity tools needed to “safeguard, secure and strengthen cyberspace and the security posture of Federal networks.” This will build off of the current GSA partnership with DHS (the agency with authority to enhance Federal CDM capabilities), the CDM Program Blanket Purchase Agreement, which expires in 2018.

The CDM BPA

In 2012, the Office of Management and Budget decided that continuous monitoring, a real-time cybersecurity method defined by the National Institute of Standards and Technology as “maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions,” should be a cybersecurity priority for Federal agencies. To that end, DHS established the CDM Program to implement the installation and use of CDM technologies, enabling “government entities to expand their continuous diagnostic capabilities by increasing their network sensor capacity, automating sensor collections, and prioritizing risk alerts.”

Working with the GSA, DHS created a CDM government-wide acquisition contract (GWAC), as a blanket purchase agreement (BPA), in 2013. Awarded with a ceiling of $6 billion, the has a 5-year period of performance, allowing for Federal, state, and local agencies  to procure 15 CDM capabilities (also known as Tool Functional Areas) currently divided into 3 phases, from 17 contract holders:

CDM BPA Awardees Current DHS/CDM Model
  • Booz Allen Hamilton
  • CGI
  • CSC
  • DMI
  • DRC
  • GDIT
  • HPES
  • IBM
  • KCG
  • Kratos
  • Leidos
  • Lockheed-Martin
  • MicroTech
  • Northrop-Grumman
  • SRA
  • Technica

 

Phase 1:

  • HWAM – Hardware Asset Management
  • SWAM – Software Asset Management
  • CSM – Configuration Settings Management
  • VUL – Vulnerability Management

Phase 2: Least Privilege and Infrastructure Integrity

  • TRUST –Access Control Management (Trust in People Granted Access)
  • BEHV – Security-Related Behavior Management
  • CRED – Credentials and Authentication Management
  • PRIV – Privileges

Phase 3: Boundary Protection and Event Management for Managing the Security Lifecycle

  • Plan for Events
  • Respond to Events
  • Generic Audit/Monitoring
  • Document Requirements, Policy, etc.
  • Quality Management
  • Risk Management
  • Boundary Protection (Network, Physical, Virtual)

 

The CDM SIN

With the success of the BPA, and a continuing need for CDM-upgrades after the contracts end in 2018, and a 2015 “Cybersecurity Sprint” plan which calls for a further-accelerated deployment of CDM capabilities, the GSA is working with DHS on the idea to create a SIN for CDM tools on IT Schedule 70. The partners intend to provide the same 15 Tool Functional Areas, but they would be grouped into 5 categories under the planned SIN, for easier company access and easier agency acquisition. Beyond improving the agency and company access to these solutions, GSA also hopes that a SIN would make it easier to provide new and innovative solutions to CDM, and provide new mechanisms for easier approval of CDM solutions for accession to an “Approved Product List (APL).”

Responses to the RFI are due on April 5, and must be submitted through this form. The GSA, through this RFI, has a particular interest in: learning industry thoughts on the proposed SIN, and understanding how CDM solutions are currently provided on IT Schedule 70.

Other GWACs have begun to compete with IT Schedule 70, as EZGovOpps recently noted, and EZGovOpps believes that IT procurement will only continue to grow in size and scope. In a time when Federal procurement is becoming more competitive and less predictable, a market intelligence platform like EZGovOpps can provide the information needed to follow procurement trends, produce personalized opportunity forecasts, and provide custom analyst-updates for a complete understanding of the Federal contracting market today.

Don’t forget to view our full GovCon News section for more intel

Published March 29, 2017

Leave a Reply