The CIA's Cloud Contract Is Worth Billions

Uploaded on 2019-04-23 in INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

After six years in a classified commercial cloud built by Amazon Web Services, the CIA wants more commercial cloud capabilities from potentially multiple companies. 

The agency is in the early stages of planning a contract for commercial cloud computing services that will be worth “tens of billions” of dollars, according to contracting documents presented to select tech companies by the CIA in late March and first reported by Nextgov.

Dubbed the Commercial Cloud Enterprise, or C2E, the two-phase initiative will “expand and enhance” the commercial cloud capabilities it first contracted for with Amazon Web Services in 2013.

That contract, called C2S and valued at up to $600 million over 10 years, provided commercial cloud capabilities such as data storage, computing and analytics to the CIA and its 16 sister agencies within the intelligence community. 

“Since that time, cloud computing has proven transformational for the IC–increasing the speed at which new applications can be developed to support mission and improving the functionality and security of those applications,” the CIA contracting documents state.

Whereas C2S has been managed by a single company, the CIA expects to “acquire foundational cloud services” from multiple vendors in phase one of C2E, which is good news for companies like IBM, Microsoft, Google and others expected to compete for the contract.

The initiative’s second phase also opens up competition with a stated goal to “acquire through multiple vehicles” cloud management capabilities and specialised platform- and software-as-a-service offerings.  To be considered for the contract, cloud service providers must have a commercial presence and must meet rigid government requirements to host secret and top secret classified information. AWS is currently the only commercial cloud provider cleared to host all levels of classified data.

AWS established a foothold in the national security space through C2S. Over the years, it has introduced new services and earned plaudits from the CIA’s top tech officials for being more secure than the agency’s own data repositories. Most recently, Andrew Hallman, deputy director for innovation at the CIA, praised the department’s previous cloud efforts and said its future plans will focus on fusing various cloud architectures together.

“The important thing is to look at what the future of cloud looks like, hybrid cloud architectures, multi-cloud architectures, and that, for us, the very important thing is making really wise decisions about how those architectures work together.”

Meanwhile, cloud computing’s import across government continues to expand, with federal agencies collectively expected to spend $2 billion on the technology in the coming year. AWS has been favored to win the largest cloud contract up for grabs, the Pentagon’s multibillion Joint Enterprise Defense Infrastructure contract.

According to a proposed acquisition timeline accompanying the contracting documents, the CIA intends to engage industry regarding contract requirements through next year. The timeline proposes the C2E contract be bid out in May 2020 with an award “no later than July 2021.”

DefenseOne:             Image: Nick Youngson

You Might Also Read: 

The US Pentagon Is  Speeding-Up Its Cloud Strategy:

Where On Earth Is Cloud Data Actually Stored?:

 

 

« A Cyber Attack On Japan Could Bring The USA To War
Ethical Hacker Guilty Of Malware Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

ZyberSafe

ZyberSafe

ZyberSafe is an innovative Danish company specialized within building hardware encryption solutions.

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Seekurity

Seekurity

Seekurity is an information security consulting firm specialized in all areas of Cyber Security including Penetration Testing, Vulnerability Assessments and Risk Management.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

Northrop Grumman

Northrop Grumman

Northrop Grumman is a global provider and integrator of complex, advanced and rapidly adapting information technology, cybersecurity, mobility and optimized services and solutions.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

Entech

Entech

Entech is a managed IT service provider. We work behind the scenes on your network to ensure data security and integrity.

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.