Acquisition Planning Forecast System
Forecast Record Number:	F2024067018 Print

Component: DHS HQ/CISA

Published Date: July 29, 2025, 9:52 a.m.

Previously Published On: Jan. 2, 2025, 12:59 p.m.

NAICS: 541512 - Computer Systems Design Services	Competition: YES
Small Business Set-Aside: N/A	Small Business Program: None
Contract Vehicle: Alliant 2	Contract Type: Time and Materials
Contract Status: Recompetition	Incumbent: NTT DATA Services Federal Government LLC
Contract Number: 70RCSA20FR0000133	Anticipated Award Quarter: Q4 FY2026
Estimated Solicitation Release: 2026-04-01	Contract Complete: 2029-09-29
Requirements Title: Cyber Hygiene Support
Description: The objective of this requirement is to enhance CISA’s ability to provide Federal, State / Local / Tribal / Territorial (SLTT), and Critical Infrastructure with proactive services to evaluate an organization’s external security posture to assist the organization in improving their cybersecurity posture, limiting exposure, and reducing exploitation rates through vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.
Estimated Dollar Range: $20,000,000.00 to $50,000,000.00	Place of Performance: Arlington, VA
POC Name: Hannah Moussa	Alternate POC Name: Michael Ashworth
POC Phone: (202) 568-4157	Alternate POC Phone: (202) 286-5737
POC Email: [email protected]	Alternate POC Email: [email protected]
Small Business Specialist/APFS Coordinator POC Name: Nicholas Milillo
Small Business Specialist/APFS Coordinator POC Phone: (771) 888-5623	Small Business Specialist/APFS Coordinator POC Email: [email protected]

Change Log

Field Changed	Old Value	New Value	Date Changed
Previous Published Date	11/13/2024	01/02/2025	July 29, 2025
Published Date	01/02/2025	07/29/2025	July 29, 2025
Last Updated Date	01/02/2025	07/29/2025	July 29, 2025
Small Business Specialist/APFS Coordinator Email	None	[email protected]	July 29, 2025
Small Business Specialist/APFS Coordinator Last Name	None	Milillo	July 29, 2025
Small Business Specialist/APFS Coordinator First Name	None	Nicholas	July 29, 2025
Alternate Contact Phone	(202) 666-5011	(202) 286-5737	July 29, 2025
Alternate Contact Last Name	Harvey	Ashworth	July 29, 2025
Alternate Contact First Name	Justice	Michael	July 29, 2025
Requirement	Cybersecurity & Infrastructure Security Agency (CISA)/Cybersecurity Division (CSD)/Vulnerability Management (VM) requires vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	The objective of this requirement is to enhance CISA’s ability to provide Federal, State / Local / Tribal / Territorial (SLTT), and Critical Infrastructure with proactive services to evaluate an organization’s external security posture to assist the organization in improving their cybersecurity posture, limiting exposure, and reducing exploitation rates through vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	July 29, 2025
Small Business Specialist/APFS Coordinator Phone	None	(771) 888-5623	July 29, 2025
Estimated Solicitation Release	06/01/2025	04/01/2026	July 29, 2025
Award Quarter	Q4 2025	Q4 2026	July 29, 2025
Previous Published Date	08/19/2024	11/13/2024	Jan. 2, 2025
Published Date	11/13/2024	01/02/2025	Jan. 2, 2025
Last Updated Date	11/13/2024	01/02/2025	Jan. 2, 2025
Requirement	The Cybersecurity and Infrastructure Security Agency (CISA) Chief of Contracting Office (COCO) will host the Biannual Fiscal Year (FY) 2025 Industry Day on Wednesday, November 20, 2024, from 10:00AM to 12:00PM EST. The purpose of the event is to provide Industry updates on projected FY25 procurements. There will also be an opportunity for question and answers with CISA COCO Contracting Officers. For more information, please refer to SAM.gov. Cybersecurity & Infrastructure Security Agency (CISA)/Cybersecurity Division (CSD)/Vulnerability Management (VM) requires vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	Cybersecurity & Infrastructure Security Agency (CISA)/Cybersecurity Division (CSD)/Vulnerability Management (VM) requires vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	Jan. 2, 2025
NAICS	541611 - Administrative Management and General Management Consulting Services	541512 - Computer Systems Design Services	Jan. 2, 2025
Previous Published Date	None	08/19/2024	Nov. 13, 2024
Published Date	08/19/2024	11/13/2024	Nov. 13, 2024
Last Updated Date	08/19/2024	11/13/2024	Nov. 13, 2024
Alternate Contact Email	None	[email protected]	Nov. 13, 2024
Alternate Contact Phone	None	(202) 666-5011	Nov. 13, 2024
Alternate Contact Last Name	None	Harvey	Nov. 13, 2024
Alternate Contact First Name	None	Justice	Nov. 13, 2024
Requirements Contact Email	[email protected]	[email protected]	Nov. 13, 2024
Requirement	Cybersecurity & Infrastructure Security Agency (CISA)/Cybersecurity Division (CSD)/Vulnerability Management (VM) requires vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	The Cybersecurity and Infrastructure Security Agency (CISA) Chief of Contracting Office (COCO) will host the Biannual Fiscal Year (FY) 2025 Industry Day on Wednesday, November 20, 2024, from 10:00AM to 12:00PM EST. The purpose of the event is to provide Industry updates on projected FY25 procurements. There will also be an opportunity for question and answers with CISA COCO Contracting Officers. For more information, please refer to SAM.gov. Cybersecurity & Infrastructure Security Agency (CISA)/Cybersecurity Division (CSD)/Vulnerability Management (VM) requires vulnerability scanning support, Phishing Campaign Assessment (PCA) support, Web Application Scanning (WAS) support, and Posture & Exposure (P&E) reporting.	Nov. 13, 2024