How to Seize the Moment: CISA’s $18B Cyber Challenge

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is preparing to release an Indefinite Delivery Indefinite Quantity (IDIQ) contract for cybersecurity products and services this summer. The General Services Administration (GSA) Federal Acquisition Service (FAS) Assisted Acquisition Services (AAS) is assisting CISA with the procurement. It released a request for information (RFI) on February 28, 2025, and CISA is reviewing industry feedback. Table 1 contains an overview of the procurement.
Table 1: CISA IDIQ At a Glance
Identifier | 47QFRA25K0003 |
Value | $18B |
RFP Release Date | 07/2025 |
Type | Agency IDIQ |
Competition Type | Undetermined |
NAICS Code | 541512 |
Place of Performance | United States |
Critical Mission Need
CISA serves as the nation’s risk advisor. It works with partners to defend against cyber threats and ensure the security and resilience of national infrastructure. This includes safeguarding Federal Civilian Executive Branch (FCEB) systems and supporting national critical functions across large-scale programs. Key components such as capability deployment, operations, solutions development, and cybersecurity tool acquisition are central to building national resilience against cyberattacks, underscoring the critical nature of CISA’s mission.
Summary of Requirements
CISA requires a comprehensive and flexible acquisition approach to support various functional areas essential to operations. CISA’s requirements encompass:
- Service Areas: Five distinct service areas, including Cyber/IT Project Management Support, Requirements Management, Capability Implementation, Operations and Sustainment, and Solution Development.
- Product Area: Cybersecurity products and tools aligned with the service areas.
- Support Services: Agile, scalable, and responsive solutions that align with CISA’s overarching goals and improve IT flexibility while reducing redundancy and cost.
- Specialized Expertise: High-level security policy compliance and threat awareness support services are essential.
- Procurement Efficiency: The ability to effectively resolve procurement challenges, particularly in managing cybersecurity software acquisitions. CISA emphasizes shelfware elimination, transferability, cost-effective pricing policies, and strategic procurement alignment.
Risk Considerations
When preparing a proposal response, offerors should consider the following risks.
- Execution Risk Due to Scope and Complexity: The breadth of five service areas and one product area, spanning project management, requirements management, development, operations, and procurement, creates significant complexity in oversight, coordination, and performance management. Inconsistent execution, misaligned priorities, or contractor confusion over roles could lead to delays or duplicated efforts.
- Misalignment Between Procurement and Readiness: One of the main goals is to avoid shelfware, but this requires precise alignment between procurement timing, agency readiness, and deployment capability. Agencies may still procure software before fully deploying it, recreating the problem the IDIQ is trying to solve.
- Resistance from Original Equipment Manufacturers (OEMs): The government wants software and tools to be transferable across agencies, but OEMs often resist this due to licensing restrictions or revenue protection strategies. This may lead to an inability to maximize licenses.
- Contracting and Governance Challenges: A flexible ordering mechanism used by multiple entities introduces governance risks, such as unclear authority, uneven task order quality, or performance inconsistency. Weak governance could reduce accountability, increase contract administration burden, or dilute strategic outcomes.
- Budget Uncertainty and Out-of-Year Pricing: The RFI notes concern over out-of-year pricing and vendor stock-keeping unit (SKU) re-packaging. With tightening federal budgets, escalating costs in later years could erode value.
Capture and Proposal Tips
It is crucial to thoroughly understand the RFP requirements, emphasizing your past performance and expertise in large-scale cybersecurity projects. Develop a strong value proposition by offering agile, flexible, cost-effective solutions that align with CISA’s strategic goals and address procurement challenges like shelfware and pricing policies. Assemble a highly qualified team, form strategic partnerships, and demonstrate the ability to work with CISA and its critical infrastructure partners.
Conclusion
The upcoming IDIQ represents a significant opportunity for industry leaders to contribute to the national security mission by offering innovative, resilient, and cost-effective solutions. Offerors must use their expertise and past performance to address CISA’s complex requirements, focusing on agility, scalability, and integration. Given the critical nature of CISA’s mission to protect national infrastructure, proactive risk mitigation strategies, comprehensive team building, and diverse partnerships will be indispensable. As the landscape of cyber threats continues to evolve, aligning industry capabilities with CISA’s critical mission needs will not only place a proposal in a competitive position but also contribute to strengthening national resilience against cyberattacks.
Relevant Information
By Brenda Crist, Vice President at Lohfeld Consulting Group, MPA, CPP APMP Fellow
Lohfeld Consulting Group has proven results specializing in helping companies create winning captures and proposals. As the premier capture and proposal services consulting firm focused exclusively on government markets, we provide expert assistance to government contractors in Capture Planning and Strategy, Proposal Management and Writing, Capture and Proposal Process and Infrastructure, and Training. In the last 3 years, we’ve supported over 550 proposals winning more than $170B for our clients—including the Top 10 government contractors. Lohfeld Consulting Group is your “go-to” capture and proposal source! Start winning by contacting us at www.lohfeldconsulting.com and join us on LinkedIn, Facebook, and YouTube(TM).
Paperback or Kindle
10 steps to creating high-scoring proposals
by Bob Lohfeld
contributors Edited by Beth Wingate
Subscribe to our free ebrief
Teaming friends, frenemies, and enemies—12 tips to mitigate harmful effects
Did you know that contracting officers spend up to 20% of their time mitigating disputes between teaming partners? In an informal poll we conducted on LinkedIn last month, 40% of respondents classified their teaming partners as “frenemies” on their last bid.
Explore Further
- Advice (507)
- AI (19)
- APMP (18)
- Army MAPS Contracts (3)
- Business Development (244)
- Capture Management (221)
- Complex Technology Grants Services (25)
- Favorite Books (5)
- GenAI (2)
- Go-to-Market (27)
- Graphics (5)
- Lohfeld Books (2)
- NASA SEWP VI Contracts (2)
- Navy SeaPort-NxG Contracts (2)
- NIST MSE Grants (1)
- NIST NAPMP Grants (2)
- Past Performance (62)
- Post-submission Phase (14)
- Pre-RFP Preparation (225)
- Proposal Management (297)
- Proposal Production (65)
- Proposal Reviews (34)
- Proposal Writing (93)
- Pursuit Phase (99)
- Research Report (3)
- Resources (59)
- Tools & Tips (361)
- Training (11)
- Uncategorized (221)

Sign Up for INSIGHTS and Download your FREE book
We'd love to help you with your proposals. Enjoy our complimentary Lohfeld Consulting Group Capture & Proposal Insights & Tips book with your FREE subscription to our Insights Newsletter.
GET YOUR FREE BOOK