GSA to award final Safeguard pacts

The General Services Administration this week will award the last in a series of information security contracts under its Safeguard Program and will work closely with the winning vendors to tailor their individual strengths to the needs of users in various federal agencies.

The Safeguard contracts are intended to help agencies develop plans required under Presidential Decision Directive 63 to protect their critical information systems. The services include everything from continuity and contingency planning to protecting an agency's physical infrastructure.

Because of this wide range, the Office of Information Security (OIS) at GSA's Federal Technology Service will award 28 blanket purchase agreements under Safeguard, most of which had been signed last week. In the next few weeks, GSA will be meeting with the vendors to decide how best to bring their services to agencies.

"We are going to have all of the vendors in for a conference, and we'll be meeting with those who take a proactive approach in the program," said Sallie McDonald, deputy assistant commissioner for information security at OIS. "We will be working with them to determine their strengths and jointly market the services."

Some vendors may be getting a Safeguard BPA "to get their ticket punched" as a contractor certified to offer its services to federal agencies through the GSA program, McDonald said. But other vendors received calls from agencies interested in using their services even before they won contracts, and those are the vendors that GSA wants to work with, she said.

Agencies have been waiting for the contracts to be awarded, and two task orders already are out from the Department of Veterans Affairs and the Military Sealift Command. While there are other contracts with security services available, Safeguard is the only program focusing specifically on PDD-63. This, and the fact that it is a GSA contract, make it very attractive to agencies that are struggling to comply with the directive as quickly as they can, vendors said.

Eric Ek, manager of the Information Security Center of Excellence at Lockheed Martin Mission Systems, said agencies "really want to use a GSA vehicle" because the contracts are easy to use and because of the assistance GSA provides to contract users.

Several agencies have expressed concerns about problems they are having complying with PDD-63, including funding shortfalls and difficulties in determining responsibilities, said Mike Fox, vice president and deputy director of C3I programs at SRA International Inc.

Fox said GSA could perform a vital role by speaking with these agencies as the lead agency for critical infrastructure protection in the federal sector and encouraging agencies to come to the contract as a way to solve those problems.

"I need [GSA] to help bring the federal agencies to the table," Fox said.

Many of the first vendors to be awarded BPAs have been marketing the contracts since late spring. And much of that initial work involved informing agencies that the contracts exist to help them with their critical infrastructure needs, said Thomas McDermott, senior vice president of information assurance in the Communications Systems Division at CACI Inc.

Some agencies already are using security services from Safeguard vendors on other contracts, and both the vendors and GSA would like to see that work transferred to the Safeguard program.

Eugene J. Hunt Jr., assistant vice president and program manager at Science Applications International Corp., said he expects users to embrace the Safeguard program because it offers "increased visibility that they are complying with PPD-63."

Vendors have even tailored their security services offerings specifically to address the areas covered by Safeguard.

"Our team does both technology-type services and consulting-type services," Ek said. "PDD-63 services are big right now, so our consulting services are built right now for meeting agency needs for PDD-63."

Others, such as Unisys Federal Systems, have included research groups in their subcontracting teams to be able to continually offer the latest technology to agencies. "The threat is real, and we need to get the tools out there," said Ed Schaffner, program manager at Unisys.

***

Safeguard at a Glance

* Critical infrastructure asset identification* Risk management* Critical infrastructure continuity and contingency planning* Physical infrastructure protection* Information systems security and information assurance* Emergency preparedness, awareness training, exercises and simulations

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.