The CIA's Cloud Contract Is Worth Billions

Uploaded on 2019-04-23 in INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

After six years in a classified commercial cloud built by Amazon Web Services, the CIA wants more commercial cloud capabilities from potentially multiple companies. 

The agency is in the early stages of planning a contract for commercial cloud computing services that will be worth “tens of billions” of dollars, according to contracting documents presented to select tech companies by the CIA in late March and first reported by Nextgov.

Dubbed the Commercial Cloud Enterprise, or C2E, the two-phase initiative will “expand and enhance” the commercial cloud capabilities it first contracted for with Amazon Web Services in 2013.

That contract, called C2S and valued at up to $600 million over 10 years, provided commercial cloud capabilities such as data storage, computing and analytics to the CIA and its 16 sister agencies within the intelligence community. 

“Since that time, cloud computing has proven transformational for the IC–increasing the speed at which new applications can be developed to support mission and improving the functionality and security of those applications,” the CIA contracting documents state.

Whereas C2S has been managed by a single company, the CIA expects to “acquire foundational cloud services” from multiple vendors in phase one of C2E, which is good news for companies like IBM, Microsoft, Google and others expected to compete for the contract.

The initiative’s second phase also opens up competition with a stated goal to “acquire through multiple vehicles” cloud management capabilities and specialised platform- and software-as-a-service offerings.  To be considered for the contract, cloud service providers must have a commercial presence and must meet rigid government requirements to host secret and top secret classified information. AWS is currently the only commercial cloud provider cleared to host all levels of classified data.

AWS established a foothold in the national security space through C2S. Over the years, it has introduced new services and earned plaudits from the CIA’s top tech officials for being more secure than the agency’s own data repositories. Most recently, Andrew Hallman, deputy director for innovation at the CIA, praised the department’s previous cloud efforts and said its future plans will focus on fusing various cloud architectures together.

“The important thing is to look at what the future of cloud looks like, hybrid cloud architectures, multi-cloud architectures, and that, for us, the very important thing is making really wise decisions about how those architectures work together.”

Meanwhile, cloud computing’s import across government continues to expand, with federal agencies collectively expected to spend $2 billion on the technology in the coming year. AWS has been favored to win the largest cloud contract up for grabs, the Pentagon’s multibillion Joint Enterprise Defense Infrastructure contract.

According to a proposed acquisition timeline accompanying the contracting documents, the CIA intends to engage industry regarding contract requirements through next year. The timeline proposes the C2E contract be bid out in May 2020 with an award “no later than July 2021.”

DefenseOne:             Image: Nick Youngson

You Might Also Read: 

The US Pentagon Is  Speeding-Up Its Cloud Strategy:

Where On Earth Is Cloud Data Actually Stored?:

 

 

« A Cyber Attack On Japan Could Bring The USA To War
Ethical Hacker Guilty Of Malware Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Intrinsic-ID

Intrinsic-ID

Intrinsic-ID's authentication technology creates unique IDs and keys to authenticate chips, data, devices and systems.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

PrivateVPN

PrivateVPN

PrivateVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Secura

Secura

The Secura Cyber Security and Intelligence system predicts and prevents security threats by discovering hidden patterns through the meticulous analysis of large amounts of data.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

BluescreenIT (BIT)

BluescreenIT (BIT)

BluescreenIT is an IT Security Consultancy and IT and Cyber Security Training company supporting industry, local authorities, MoD and governmental IT departments.

Banyax

Banyax

Banyax provides 24×7 real-time Cyber Defense Center Services using the latest technology tools to provide state-of-the-art defense.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

M.Tech

M.Tech

M.Tech is a leading cyber security and network performance solutions provider. We work with leading vendors to bring optimal solutions to the market through a channel of reseller partners.

Baidam Solutions

Baidam Solutions

Baidam Solutions is a 100% Australian owned and operated First Nations information technology business.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.

XeneX

XeneX

XeneX Cloud Security Services address enterprise-class security challenges by enabling DevOps and Security teams to access a shared source of truth.