Cyber Hygiene
ID: 01-2022-OCPOType: Special Notice
Overview

Buyer

HOMELAND SECURITY, DEPARTMENT OFOFFICE OF THE CHIEF PROCUREMENT OFFICEROFFICE OF THE CHIEF PROCUREMENT OFFICER
Timeline
    Description

    Special Notice: Homeland Security, Department of is seeking Cyber Hygiene services. Cyber Hygiene clauses were incorporated into DHS contracts in 2015 to ensure contractor compliance with cyber standards and protections. The department is now conducting a pathfinder effort to assess industry compliance with these requirements. A self-assessment questionnaire will be released to a subset of existing DHS vendors to gather data on cyber hygiene risk. This assessment will guide future program development and improve the department's cyber posture. The goal is to protect the Homeland and strengthen the Cyber-Supply Chain Risk Management program. Collaboration with vendors is appreciated.

    Point(s) of Contact
    OCPO Communications and Industry Liaison
    DHSIndustryLiaison@hq.dhs.gov
    Files
    Title
    Posted
    The Cybersecurity Readiness Factor methodology developed by DHS assesses offerors' cybersecurity readiness using a secure assessment instrument questionnaire based on NIST security requirements. Offerors are assigned ratings based on their readiness results, with high, likelihood, and low likelihood ratings indicating their level of understanding and implementation of necessary technical controls to protect DHS CUI. The specific readiness result percentile for each offeror is provided to aid in source selection, and there is no exclusion from award eligibility based on percentile.
    Lifecycle
    Title
    Type
    Cyber Hygiene
    Currently viewing
    Special Notice
    Similar Opportunities
    CYBER COLLABORATION SUPPORT SERVICES
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS), through its Cybersecurity and Infrastructure Security Agency (CISA), is seeking information on Cyber Collaboration Support Services to enhance the resilience of the nation’s cyber infrastructure. The primary objectives include providing program management, stakeholder engagement, technical messaging, incident management, and technology support to strengthen collaborations and improve incident response readiness. This initiative is crucial for modernizing cybersecurity operations and ensuring a unified governmental approach to protecting critical infrastructure from cyber threats. Interested entities are invited to submit their capabilities by January 17, 2025, and may participate in an upcoming Industry Day for further engagement; inquiries can be directed to Hannah Moussa at hannah.moussa@cisa.dhs.gov or by phone at 202-568-4157.
    Industrial Hygiene and Safety Support Services
    Active
    Dept Of Defense
    The Department of Defense, through the Washington Headquarters Services (WHS), is seeking contractors to provide Industrial Hygiene and Safety Support Services for its Occupational Health Safety Branch (OSHB). The contract aims to deliver essential industrial hygiene and safety services to WHS facilities located in the National Capital Region (NCR) and other government-owned or leased properties managed by WHS. These services are critical for maintaining compliance with health and safety standards within the organization. Interested contractors must possess a Secret Facility Clearance, and personnel assigned to work at the Raven Rock Mountain Complex must also hold a Secret level Security Clearance. For further inquiries, potential bidders can contact Francisco Fernandez at francisco.fernandez14.civ@mail.mil or Allison Polizzi at allison.j.polizzi.civ@mail.mil.
    DHS Procurement Records Management Modernization (PRM2)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is seeking industry feedback for its Procurement Records Management Modernization (PRM2) initiative, aimed at enhancing its electronic contract filing system. The project focuses on developing a cloud-based solution that improves contract file storage, workflow, and compliance management, serving approximately 1,800 personnel across various DHS components. This modernization effort is critical for streamlining procurement operations and ensuring regulatory compliance throughout contract lifecycles. Interested parties are encouraged to submit their feedback on the Draft Request for Quote by January 8, 2025, to Breean Jaroski at Breean.Jaroski@hq.dhs.gov, with no vendor marketing materials accepted.
    FY24 Service Contract Reporting in the System for Award Management
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) has issued a Special Notice regarding the FY24 Service Contract Reporting requirements in the System for Award Management (SAM). Contractors are required to report the total dollar amount invoiced and direct labor hours for specific service contracts that meet Federal Acquisition Regulation (FAR) criteria, with the reporting period opening on October 4, 2024, and closing on January 31, 2025. This reporting is crucial for ensuring transparency and accountability in service contracts, particularly for cost-reimbursement, time-and-materials, or labor-hour contracts exceeding the simplified acquisition threshold, as well as fixed-price contracts above designated fiscal year thresholds. Contractors are encouraged to consult their contracting officers for clarification on reporting obligations, and any technical queries can be directed to the Federal Service Desk. For further information, contractors can reach out to DHS/OCPO Acquisition Policy & Legislation at Acquisition.Policy@HQ.DHS.GOV.
    Strategic Planning, Operational Test & Evaluation, and Architecture Evaluation
    Active
    Homeland Security, Department Of
    The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is seeking qualified firms to support Strategic Planning, Operational Test & Evaluation, and Architecture Evaluation within its Cybersecurity Division. The primary objectives include enhancing national cyber defense and resilience through effective integration of systems, conducting research and development, and providing engineering expertise to support CISA's cybersecurity initiatives. This opportunity is critical for advancing the nation’s cybersecurity posture and involves a five-year contract that emphasizes compliance with security regulations and the necessity for contractor personnel to hold appropriate security clearances. Interested parties must submit their capabilities statements electronically by January 21, 2025, and can participate in an optional Industry Day to learn more and provide input. For further inquiries, contact Hannah Moussa at hannah.moussa@cisa.dhs.gov or call 202-568-4157.
    FIRE (Flexible Innovation for Rapid Engineering)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the U.S. Citizenship and Immigration Services (USCIS), is seeking potential contractors to provide expertise in Agile and DevSecOps methodologies for its Digital Innovation and Development (DID(it)) branch. The objective of this Sources Sought Notice is to identify businesses capable of delivering industry best practices to enhance IT system capabilities, maintain system roadmaps, and implement Agile processes such as Scrum and Kanban. This initiative is part of USCIS's broader commitment to modernizing its IT practices and improving service delivery through innovative software development methodologies. Interested parties are encouraged to submit feedback on contract vehicles and acquisition strategies by January 8, 2025, and can contact Nicholas Hart at nicholas.a.hart@uscis.dhs.gov or Monty Kurtz at Monty.N.Kurtz@uscis.dhs.gov for further information.
    RFI for Cybersecurity Supply Chain Risk Management (C- SCRM) Program
    Active
    Agriculture, Department Of
    The Department of Agriculture, specifically the USDA's Office of the Chief Information Officer (OCIO), is issuing a Request for Information (RFI) to explore industry capabilities in Cyber Supply Chain Risk Management (C-SCRM). The objective is to develop a scalable C-SCRM program that complies with federal regulations and mitigates risks associated with compromised devices within the USDA's network. This initiative is crucial for ensuring the integrity and security of the USDA's information systems and data. Interested small businesses are encouraged to submit a capability statement, limited to ten pages, detailing their relevant experience and methodologies for risk mitigation. For further inquiries, potential vendors can contact Shannon Robbie at Shannon.Robbie@usda.gov or call 970-295-5022. This RFI is a preliminary step and does not indicate any intent to award contracts or provide compensation for the information submitted.
    Sources Sought Notice (SSN)/Request for Information (RFI) – 70SBUR25I00000009 Identity, Credentials, and Access Management - Enterprise Services 3 (ICAM-ES 3)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the U.S. Citizenship and Immigration Services (USCIS), is seeking information from small business vendors through a Sources Sought Notice (SSN)/Request for Information (RFI) regarding the Identity, Credentials, and Access Management - Enterprise Services 3 (ICAM-ES 3) program. The objective is to gather market research on technical and program management support for maintaining the USCIS ICAM enterprise IT services program, which is crucial for enhancing security, privacy, and efficiency across various systems. Interested vendors are invited to provide detailed information about their capabilities, past experiences, and relevant projects, particularly in areas such as technology integration and zero-trust implementation. Responses are due by January 17, 2025, and should be directed to Sylwia Salkic at Sylwia.Salkic@uscis.dhs.gov or Gary Whitney at gary.d.whitney@uscis.dhs.gov.
    The CISA Future Forward Series: Analysis and Findings of Recent Technology Assessments
    Active
    Homeland Security, Department Of
    Special Notice: HOMELAND SECURITY, DEPARTMENT OF, OFFICE OF PROCUREMENT OPERATIONS, CISA CONTRACTING ACTIVITY The CISA Future Forward Series: Analysis and Findings of Recent Technology Assessments The Department of Homeland Security's Office of the Chief Acquisition Executive (OCAE) is excited to present the CISA Future Forward Series. This series aims to ignite innovative capabilities through engagement with industry. The upcoming event, scheduled for Tuesday, February 27, 2024, from 1:30 to 2:30 pm ET, will focus on CISA's analysis of recent assessments of emerging technologies. During this event, Dr. Garfield Jones, Associate Chief of Strategic Technology, will discuss research highlights of selected technologies that are relevant to current and future focus areas. The event will be conducted virtually via Microsoft Teams Webinar, allowing attendees to join from their desktop or mobile devices. It is important to note that this event will not discuss specific procurement actions or details. Please be aware that this notice is not a request for proposals, request for quotes, or any follow-up acquisition. CISA will not assume liability for any costs incurred by attendees or for any preparations or marketing efforts. Therefore, vendors' expenses in response to this notice are not considered an allowable direct charge to the Government. All schedules are subject to change. For more information about the Office of the Chief Acquisition Executive (OCAE) or if you have any questions, please reach out to CISAIndustryEngagement@cisa.dhs.gov. It is important to note that the CISA Future Forward series is exclusively for vendors and closed to the press. Media inquiries should be directed to CISAMedia@cisa.dhs.gov. Lastly, please be advised that this CISA Future Forward event will be recorded and uploaded to CISA's YouTube channel. However, only the presentations by CISA employees will be recorded, and the audience will not appear in the recording. This event provides an opportunity for industry engagement and knowledge sharing regarding CISA's analysis of emerging technologies.
    Threat Risk & Monitoring Services
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, through the U.S. Immigration and Customs Enforcement (ICE), is seeking small businesses to provide Internet-Based Threat Risk Mitigation and Monitoring Services. The primary objective of this procurement is to enhance the security of ICE personnel and facilities against increasing threats, particularly those arising from social media, by conducting timely vulnerability assessments and real-time threat monitoring. This initiative is crucial for safeguarding ICE operations in the face of escalating online threats that have the potential to manifest as physical attacks. Interested vendors must submit their qualifications, including company history and relevant experience, by January 6, 2025, to the designated ICE officials. For further inquiries, contact Lamon Whitfield at lamon.whitfield@ice.dhs.gov or Natasha Nguyen at Natasha.T.Nguyen@ice.dhs.gov.