First CDM Phase 3 task order hits the street

The General Services Administration has taken the next step in the federal government's rollout of its civilian agency cybersecurity program.

GSA confirmed to FCW on Aug. 25 that it has released a task order for CDM DEFEND, part of Phase 3 of the Continuous Diagnostics and Mitigation program. That phase focuses on boundary protection and incident response.

The task order covers Group B agencies -- the Agriculture, Energy, Interior, Transportation and Veterans Affairs departments; the Office of Personnel Management; and the Executive Office of the President, including the Office of Management and Budget.

It's not clear how much spending will be devoted to those agencies, but $2.75 billion to $3.4 billion could be spent across all agencies on CDM Phase 3.

DEFEND -- an acronym for Dynamic and Evolving Federal Enterprise Network Defense -- is a two-pronged acquisition strategy developed to replace the CDM monitoring-as-a-service blanket purchase agreement, which expires in August 2018.

When asked about the significance of the initial Phase 3 task order, a GSA spokeswoman said the agency does not comment on active procurements.

The Group B task order is broken up into a base year with options for five more and seems to be valued at roughly $100 million in the base year, said Eric Trexler, executive director for civilian and national security programs at McAfee. The company is not a prime contractor for CDM, but it was used on 13 of the 18 original prime contracts during Phases 1 and 2 and is expected to collaborate on bids for Phase 3.

The resulting services from the Group B task order will be available through GSA's eBuy portal, according to GSA.

Responses from potential bidders are due by Sept. 21. Trexler said he expects the contract for Group B to come sometime in the first quarter of 2018.

GSA has been rearranging how and when it will provide CDM services with an eye toward more efficiency for federal agencies as the CDM program moves forward. GSA and the Department of Homeland Security jointly administer the program, which seeks to fend off cyberattacks aimed at the civilian agency .gov domain in real time.

CDM initially focused on asset management (what is on the network) and credentialing (who is on the network). Trexler said those activities have contributed to a more agency specific or tailored approach for CDM Phase 3 task orders and potential contracts.

"The CDM program office learned a lot from the visibility" agencies gained through the first two phases, he added.

This article was updated Aug. 29.