Commerce Department Information Security Contract Analysis Highlights Spending Areas

Methodology

As part of the research and analysis completed for the recent Federal Information Security Market, 2014 to 2019 report, the Federal Industry Analysis Team explored reported spending on information security across the government. Historic spending data was collected using a non-definitive selection of 24 information security related keyword searches on FPDS.gov. The resulting 224,297 contracts were culled down to 33,233 through further analysis. This analysis reviewed the initial set for IT-related product or spending (PSC) codes, duplicate entries, and as well as security related contract descriptions. 

The report includes findings from the over 33,000 contracts, which provide an approximate baseline total contracted value for security contract awards that can be used to assess the overall size and composition of historical federal information security spending from FY 2009 to FY 2014. The discussion in this blog addresses findings associated with over 550 information security contracts awarded by the Department of Commerce, the top 20 contracts from that set as well as the conclusions drawn from analysis of spending department-wide. 

Findings

The National Oceanic and Atmospheric Administration (NOAA) contracted the largest share of the department’s obligations from FY 2009 to FY 2014. The top 20 contracts during this period account for nearly $97.6 million in spending across four bureaus. Fifteen of those contracts were awarded by NOAA. Three were awarded by the Patent and Trademark Office. Meanwhile the Census Bureau and National Institute of Standards and Technology claimed one top award each. Requirements filled by these top awards include data stewardship systems, enterprise security monitoring, identity, credential and access management (ICAM) support, security products, as well as security support services.  

Top products/services bought 2009 to 2014 include cyber security and data back up services, system development services, technical and engineering support, integrated hardware/software/services solutions (predominantly services), IT strategy and architecture. The top 20 contract vehicles and programs leveraged for security spending during this period accounted for $102.6 M in spending. These vehicles include Comprehensive Large Array Data Stewardship System (CLASS), NOAA Link, CIO End User Support (EUS),  computer and information security services, identity and access management solution, NIH Electronic Commodities Store (ECS) III, and GSA’s IT Schedule 70. 

The Department of Commerce’s top vendors by total obligations received from FY 2009 to FY 2014 include:

• Diversified Global Partners JV, LLC
• 2020 Company, LLC
• Evolver, Inc.
• Nangwik Services, LLC
• ActioNet, Inc.
• Earth Resources Technology, Inc
• SAIC
• Cyberdata Technologies, Inc.
• Trusted Security Alliance, LLC
• Harris Corporation,
• FCN, Inc.

Conclusions

Since NOAA historically does the most information security related contracting, it makes sense that they’re expected to lead the procurement and development of the back-end infrastructure for Commerce’s new Enterprise Security Oversight Center (ESOC). A recent Federal News Radio article on the development reported that the enterprise security center is anticipated to begin initial operating capability by the end of the December. If past performance is an indicator, NOAA is likely to continue providing support as the effort matures.