Loren Data's SAM Daily™

FBO DAILY - FEDBIZOPPS ISSUE OF MARCH 24, 2017 FBO #5600
DOCUMENT

70 -- GSA Proposed Special Item Number (SIN) on IT Schedule 70: Continuous Diagnostics and Mitigation (CDM) Tools Request for Information (RFI) - Continuous Diagnostics and Mitigation (CDM) RFI Document - Continuous Diagnostics and Mitigation (CDM) RFI Response Form Link

Notice Date

3/22/2017
 

Notice Type

Continuous Diagnostics and Mitigation (CDM) RFI Response Form Link
 

NAICS

511210 — Software Publishers
 

Contracting Office

General Services Administration, Federal Acquisition Service (FAS), Center for IT Schedule Operations (QTFA), 1800 F St NW, Washington, District of Columbia, 20405, United States
 

ZIP Code

20405
 

Solicitation Number

ITSchedule70_Proposed_CDM_SIN
 

Archive Date

4/6/2017
 

Point of Contact

ITSchedule70@gsa.gov,
 

E-Mail Address

ITSchedule70@gsa.gov
(ITSchedule70@gsa.gov)
 

Small Business Set-Aside

N/A
 

Description

Continuous Diagnostics and Mitigation (CDM) RFI Document Strengthening the security posture of Federal networks, systems and data is one of the most important challenges we face as a nation. As such, the General Services Administration (GSA) and the Department of Homeland Security (DHS) have partnered to provide customer agencies with a Continuous Diagnostics and Mitigation (CDM) Program established to safeguard, secure and strengthen cyberspace and the security posture of Federal networks in an environment where the cyberattack threat is continuously growing and evolving. The CDM Program is a federally-funded program designed to provide a new approach to protecting the cyber infrastructure of the civilian.gov network environment. The CDM Program moves away from historical compliance reporting toward combating threats to our nation's networks on a real-time basis, where tools are gathering system attributes to determine the current state of the network. ● Phase 1: "What is on the network?" ● Phase 2: "Who is on the network?" ● BOUND: "How is the network protected?" ● Phase 3: "What is happening on the network?" For CDM tools to automatically determine and report anomalies to the CDM Dashboard, Federal Agencies will need to establish policies in digital formats that define the desired state for the attributes measured by CDM tools. The CDM Dashboard will then score the security weaknesses and vulnerabilities (i.e., defect state) to provide a prioritized order for mitigation and/or remediation. The CDM Program offers all state, local, regional, tribal and federal agencies, the ability to enhance and further automate existing continuous network monitoring capabilities, correlate and analyze critical security-related information, and enhance risk-based decision making at the agency and Federal enterprise level, consistent with Office of Management and Budget Memo 14-03 "Enhancing the Security of Federal Information and Information Systems," November 18, 2013. On June 12, 2015, the Federal Chief Information Officer (FCIO) initiated a 30-day Cybersecurity Sprint, which resulted in the creation of OMB Memorandum M-16-04, Cybersecurity Strategy Implementation Plan (CSIP). The CSIP is a result of a comprehensive review of the Federal Government's cybersecurity policies, procedures and practices by the Cybersecurity Sprint Team to strengthen Federal civilian cybersecurity. As part of the CSIP, DHS was asked to accelerate the deployment of CDM capabilities to all participating Federal agencies to enhance detection of cyber vulnerabilities and protection from cyber threats. The current CDM Program Blanket Purchase Agreements (BPAs), established to provide a consistent, government-wide set of information security continuous monitoring (ISCM) tools, expire in August of 2018. Therefore, GSA and DHS are continuing to partner to establish a government-wide contracting solution to provide this capability. GSA is considering a new Special Item Number (SIN) under IT Schedule 70 specifically for Continuous Diagnostics and Mitigation (CDM) Tools. The purpose of the RFI is to achieve the following two goals: ● Gain feedback from industry and any other relevant stakeholders on the proposed CDM SIN; and ● Better understand how industry partners are selling CDM Tools today on IT Schedule 70. GSA CDM SIN Goals: ● Establish a government-wide contracting solution to continue to provide a consistent set of continuous diagnostics and mitigation tools; ● Enhance the ability of offerors to bring new and innovative solutions to the CDM Program; ● Improve Government access to the best available technology and improve the flexibility of the CDM Program; ● Streamline CDM Requirements from 15 Tool Functional Areas (TFAs) to 5 subcategories; and ● Establish and maintain a list of approved CDM products and to provide a mechanism to qualify new products against the CDM requirements and add products to an Approved Product List (APL). Attached is the CDM RFI document and link to the response form. The CDM RFI document summarizes the questions asked in the response form. Questions on this RFI may be directed to ITSchedule70@gsa.gov. Please include CDM RFI in the subject line.
 

Web Link

FBO.gov Permalink
(https://www.fbo.gov/notices/b309c86f3d45e5dd13fa40554d5e7209)
 

Document(s)

Continuous Diagnostics and Mitigation (CDM) RFI Response Form Link
 

File Name: Continuous Diagnostics and Mitigation (CDM) RFI Response Form (https://docs.google.com/forms/d/18NsO2zEbTEwQfletgoHGOVthwrHyPDEdVIIzM_SQ0UU/viewform?edit_requested=true)

Link: https://docs.google.com/forms/d/18NsO2zEbTEwQfletgoHGOVthwrHyPDEdVIIzM_SQ0UU/viewform?edit_requested=true

 

Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 

Record

SN04443267-W 20170324/170322234212-b309c86f3d45e5dd13fa40554d5e7209 (fbodaily.com)
 

Source

FedBizOpps Link to This Notice
(may not be valid after Archive Date)

---

| FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |