18 Dec 14. DoD releases new federated cloud procurement policy. Defense agency CIOs now have more power to buy cloud services under a new memo that gives component agencies authority to act as their own brokers, rather than going through the Defense Information Systems Agency. Acting DoD CIO Terry Halvorsen has said he wants to speed up the cloud acquisition process among the department’s many component agencies and military branches. The move to federate responsibility for the process is intended to do just that, while maintaining a level of security necessary for defense operations. There will still be oversight, as agencies must complete a Business Case Analysis (BCA) prior to each acquisition using the guidelines set forth in an October DoD memo. Both the component agency CIO and DoD CIO must sign off on the BCA before the purchase is finalized. Minimum security standards will follow the Federal Risk Authorization and Management Program (FedRAMP). DoD is working on a policy guide for sensitive unclassified data expected to be released Jan. 7. The security guide will require cloud providers to submit evidence to DISA that their services can handle sensitive information securely. If a product meets the security requirements, DISA will issue a provisional authorization. Component agency CIOs will then use the BCA and information in the provisional authorization to make decisions on cloud purchases. “This is a great outcome,” said Carmen Krueger, senior vice president and general manager for cloud operations at SAP National Security Services (SAP NS2). “The Department of Defense is a very large organization and the services have historically had some level of autonomy in information technology choices but with that key umbrella of security protocols that they have to follow.” Krueger noted the provisional authorizations will work in much the same way that civilian cloud providers use authority to operate accreditation. Like an ATO, provisional authorization will give component agencies assurance that the provider meets the baseline requirements without having to duplicate the process at each agency. (Source: C4ISR & Networks)
21 Dec 14. DISA PEO-MA is seeking information for potential sources with competencies in the following two areas: (1) engineering and development services to support cyber analytic development for DISA and the Department of Defense (DoD) on DISA’s Cyber Situational Awareness Analytic Cloud (CSAAC), and/or (2) a Commercial Off the Shelf (COTS) product or suite of products to stage data for rapid presentation to external users (both human and machine) and to enable users to tailor visualizations of analyzed data. These tools are commonly known as Business Intelligence (BI) tools. These analytics and BI capabilities will be deployed alongside other third party analytics from Federal and DoD Services and Agencies in order to support increased situational awareness and computer network defensive capabilities for a variety of stakeholders. The vendor will be required to provide analytics and visualization widget (either BI or Ozone Widget, as required) engineering, BI licensing and BI integration, certification and accreditation, and program management/administrative support closely integrated with cutting-edge research and development capabilities.
Contract Number: HC1028-08-D-2015-0005
Contract Type: FFP, CPFF
Incumbent and their size: ManTech International Corporation (Large)
Method of previous acquisition: Full and open competition
Contract Number: HC1028-13-A-0013-0004
Contract Type: FFP
Incumbent and their size: Foxhole Technology (Small)
Method of previous acquisition: Full and open competition
The current efforts provide a NetOps architecture and implementation strategy for a unified and highly secure management environment that results in the creation of new, and improvement of existing, Situational Awareness (SA) capabilities that cross organizational and system boundaries for the Warfight