Cyber Hygiene Support Services

SOL #: PCCS-26-40001JustificationSole Source

Overview

Buyer

Homeland Security
Office Of Procurement Operations
CISA CONTRACTING ACTIVITY
Washington, DC, 20528, United States

Place of Performance

VA

NAICS

Computer Systems Design Services (541512)

PSC

Support Services Focused On Supporting Security Policies/Controls, Processes, Measuring Compliance Of Relevant Legal/Compliance Requirements, To Include Section 508, And Responding To Security Breaches. Also Provides Support For It Security Systems Providing Continuous Diagnostics And Mitigation (Cdm) For Real Time Cyber Security And Protection Such As Vulnerability Scanning, Managing Firewalls, Intrusion Prevention Systems, And Security Information And Event Management (Siem). Includes Disaster Recovery (Dr) Services To Support Dr Policy, Process And Means, Dedicated Failover Facilities And Perform Dr Testing. (DJ01)

Set Aside

No set aside specified

Timeline

1
Posted
Apr 15, 2026

Qualification Details

Fit reasons
  • NAICS alignment with historical contract wins in similar service areas.
  • Scope strongly matches core technical capabilities and delivery model.
Risks
  • Past performance thresholds may require one additional teaming partner.
  • Potential clarification needed on staffing minimums before bid/no-bid.
Next steps

Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.

Quick Summary

The Department of Homeland Security (DHS), specifically the CISA Contracting Activity, has issued a Justification for Exception to Fair Opportunity for Cyber Hygiene Support Services. This action justifies a sole-source award to NTT Data Services Federal Government, LLC as a logical follow-on to an existing order, ensuring continuity of critical cybersecurity services for CISA's over 12,500 customers. This is not a solicitation for proposals.

Scope of Work

The services are essential for strengthening DHS/CISA's cybersecurity posture, limiting exposure, and reducing exploitation rates. Key services include:

  • Vulnerability Scanning (VS): Scans and reports on external, IP-based vulnerabilities.
  • Web Application Scanning (WAS): Assesses publicly accessible web applications for known vulnerabilities and weak configurations.
  • Posture and Exposure services: Utilizes open-source and vendor-supplied data feeds to provide actionable reports.

Contract & Timeline

  • Contract Type: Justification for Exception to Fair Opportunity (Sole-Source)
  • Period of Performance: March 30, 2026, through March 29, 2027
  • Incumbent Contractor: NTT Data Services Federal Government, LLC
  • Previous Award: Competitively awarded task order on September 30, 2020, against GSA Alliant 2 Unrestricted vehicle.
  • Published Date: April 15, 2026

Rationale for Exception

The sole-source action is approved in the interest of economy and efficiency, preventing disruption of critical security services and avoiding significant delays and cost inefficiencies associated with transitioning to a new vendor. This is a logical follow-on to an existing order.

Set-Aside

This specific action is a sole-source justification. However, market research indicates that multiple companies on the GSA Alliant 2 GWAC can support the requirement for a future competitive award.

Evaluation

This document is a justification, not a solicitation. The Contracting Officer anticipates a fair and reasonable price based on GSA Alliant 2 GWAC rates, historical pricing, and comparison to the Independent Government Cost Estimate (IGCE).

Additional Notes

A competitive procurement for these services is currently underway, with an estimated award date in Q2 Fiscal Year 2027. The justification will be posted on SAM.gov.

People

Points of Contact

Michael AshworthPRIMARY
michael.ashworth@cisa.dhs.gov
2022865737
Hannah MoussaSECONDARY
hannah.moussa@cisa.dhs.gov
2025684157

Files

Files

Download

Versions

Version 1Viewing
Justification
Posted: Apr 15, 2026
Cyber Hygiene Support Services | GovScope