Notice ID: 47QFRA24K0002
Established in 2012, the Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of Government networks and systems. The CDM Program provides cybersecurity tools, integration services, and dashboards to participating agencies (Chief Financial Officers [CFO] Act agencies and non-CFO Act agencies) to support them in improving their respective security postures by delivering better visibility and awareness of their networks and defending against cyber adversaries. In supporting CISA’s mission, CDM works closely with agencies to deploy capabilities that help agencies protect their hardware and software assets, networks, and the data they contain.
The following provides initial requirement objectives for advanced engineering services.
Provide Technology Implementation Roadmap: Continuously review the cyber threat landscape, the cybersecurity tool marketplace, and any changes or innovations based on the Government or industry cybersecurity best practices. The intent of this effort is to maintain awareness of the features, benefits, and limitations of current investments and potential future investments. This effort would look to fully analyze existing in operation solutions and identify areas for improvement/standardization. Roadmaps may be tailored based on CDM customers’ specific maturity and need.
Conduct Analysis of Alternatives: The Government plans to understand potential solutions to meet capability needs when the decision space is broad and could involve a combination of using existing tools, building a new custom solution or purchasing a new tool. An example of the type of request that would fall under an Analysis of Alternatives (AOA) would be to determine how the program can best assist agencies in measuring the transition to a zero-trust architecture.
Develop Trade Studies: The Government plans to analyze various tool sets for potential deployments. To support the decision-making process of the Government, the contractor shall perform and document via a trade study. The intent of the trade study is to provide a bounded analysis where the scope is narrow, such as analyzing what tool can best accomplish a specific task. An example could be which COTS tool(s) can best meet the Government’s EDR requirements.
Design, Build, and Test Solutions: Design, build and testing solutions to ensure it meets requirements. This effort would include developing a comprehensive design for each solution targeted for implementation, building a prototype of the targeted solution, including the provisioning of all necessary software, hardware, in a testing environment. Once a solution is built and configured, Government testing would occur, intending to satisfy the CDM program’s need to conduct developmental testing of capabilities within the program’s baseline. Fully built solutions would be implemented at agencies via other contracts. Piloting could occur under the Advanced Engineering Services effort.
Support Solution Deployment: Support provided to stakeholders (Government and other contractors) in the implementation and deployment of approved solutions. In this support role, this requirements as reach-back support to stakeholders as they work to deploy solutions at agencies.
Want to get involved with OS AI? - A small number of Sponsorship Opportunities are now available here. Starting at $500.