The Defense Information Systems Agency (DISA) is seeking insight from industry for cybersecurity operations, risk management, and compliance support for a potential Military Sealift Command (MSC) Cybersecurity Support Services (CSS) contract.
The notice, posted Tuesday on SAM.com, seeks input from small and large businesses with expertise in cybersecurity operations, risk management, and compliance to support a planned contract aimed at strengthening cyber readiness across MSC assets.
Specifically, DISA is requesting comprehensive cybersecurity support that includes assistance with vulnerability management. This involves conducting cybersecurity site visits to aid both civilian and contract mariners in patching and scanning systems and networks, ensuring vulnerabilities are identified and mitigated effectively.
Additionally, the requirement includes providing afloat site, system, and operational technology “Assessment and Authorization” support. This encompasses conducting mission-based cybersecurity risk assessments to evaluate and enhance the security posture of deployed systems and technologies.
The support also extends to performing inspections and compliance visits aimed at measuring the cybersecurity readiness of individual ships or departments. These assessments will help determine adherence to established compliance measures and identify areas needing improvement to maintain operational security standards.
The MSC CSS contract would include a 12-month base period and up to four 12-month option periods, running through May 14, 2031, if all options are exercised. Work will be performed primarily at contractor facilities, with meetings taking place in Norfolk, Va. Some travel to other Navy, MSC, U.S. Transportation Command, or Defense Department sites may be required.
Responses are due by Sept. 4.