U.S. Cyber Command Commander Adm. Michael S. Rogers presents Secretary of Defense Ash Carter a challenge coin as Secretary Carter departs US CYBERCOM after a visit Jan. 27, 2016 to discuss matters of importance with Adm. Rogers. (DoD photo by Senior Master Sgt. Adrian Cadiz) Courtesy of Ash Carter via Flickr
Update: On August 18, 2017, President Trump officially announced the elevation of CYBERCOM to Unified Combatant Command status.
The U.S. Cyber Command, or CYBERCOM, is opening up a new acquisition office, according to a report by Federal News Radio on January 3, 2017. By hiring procurement experts, the government hopes to speed up CYBERCOM contracting capability to meet cyber operations needs quickly.
The move reflects a major expansion of CYBERCOM — from the budget of $75 million per year that it was allotted last year, to the move in the 2017 NDAA to elevate it to a full combatant command. As the military’s cyber capabilities expand, contractors should take notice: with more money and more authority, CYBERCOM contracting opportunities are bound to grow in the coming years.
The evolution of CYBERCOM
The status of CYBERCOM is being elevated because of changing threats. As technology develops, cyberwarfare is becoming increasingly important for the military, as is defending classified networks and critical infrastructure from cyberattacks. The move to elevate CYBERCOM and streamline its acquisition reflects a growing trend in the government cyber acquisition, as evidenced by programs like GSA HACS.
The military’s investment in cyber is relatively new. Since its founding in 2009, CYBERCOM has been a part of the U.S. Strategic Command. It is run by the head of the National Security Agency (NSA), currently Navy Adm. Michael Rogers. The Cyber Command is based out of NSA headquarters in Ft. Meade.
The “dual hat” leadership of both NSA and CYBERCOM has come under scrutiny recently. Critics argue that they are both large enough to each need their own leader, and that their missions are different.
CYBERCOM’s mission areas include directing and defending DOD information networks, as well as conducting cyber operations in order to “ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.” NSA’s mission is more oriented towards electronic intelligence gathering.
This criticism led to a move to separate them in the National Defense Authorization Act for fiscal year 2017. Pentagon and White House officials have long been advocating for the Cyber Command to be elevated to one of the Unified Combatant Commands, like U.S. Central Command and U.S. Strategic Command, that divide up geographic and functional mission areas across the DOD.
The final version of the NDAA set a path for CYBERCOM to become a full combatant command, but with a catch: Before it can be separated from NSA, the Secretary and Chairman of the Joint Chiefs of Staff have to certify that it will not “reduce military effectiveness.” In his NDAA signing statement, President Obama expressed his frustration at this hang-up, arguing that:
“While the dual-hat arrangement was once appropriate in order to enable a fledgling CYBERCOM to leverage NSA’s advanced capabilities and expertise, CYBERCOM has since matured and the current construct should be replaced through a deliberate, conditions-based approach to separating the organizations.”
Despite the obstacle, it is possible that CYBERCOM will soon be elevated to Unified Combatant Command status. Defense Secretary Ash Carter supports the move, though Trump’s Defense Secretary pick James Mattis’ position is unknown, and his nominee for the Chairman of the Joint Chiefs has not been announced.
CYBERCOM contracting: a brief history
CYBERCOM is setting up a team of about ten acquisition officials, who will be responsible for spending $75 million per year for rapid cyber operations until at least 2021. The office will report directly to the head of CYBERCOM.
The Cyber Command’s contracting history is composed mostly of preexisting vehicles and GSA Schedules; most of its procurement is done through task orders. Services that CYBERCOM has sought through these vehicles in the past include:
– Cyber Analysis Support
– Global Information Grid (GIG) Threat and Intrusion Intelligence Analysis Support
– Intelligence Watch Officer Support
– Intelligence Mission Management Collection and Requirement Analysis Support
CYBERCOM has also acquired services through ENCORE II, a Defense Information Services Agency (DISA) procurement vehicle. You can read more about DISA’s IT contract vehicles here. For a full overview on the ENCORE contract, including a look at ENCORE III, log in to EZGovOpps or sign up for a free trial and then visit this page.
Currently Booz Allen Hamilton is providing on-site CYBERCOM services under an ENCORE II task order. The contract, which has the NAICS code 541712, Research and Development: Physical, Engineering, Life Sciences, expires in 2019. It was formerly held by HP Enterprise Services, but was won by Booz Allen in 2012.
Since USCYBERCOM was established in 2009, it has spent almost $900 million on this contract alone. As the command expands, and likely becomes its own Unified Command, you can expect even more contracting dollars to come out of CYBERCOM.
Don’t forget to view our full GovCon News section for more intel.