As Cybersecurity Awareness Month celebrates its 19th year, instituting a robust cyber posture takes on a new meaning for federal agencies. In May 2021, President Biden issued an executive order to strengthen and improve America’s cybersecurity. Known as “Zero Trust” the order called for federal agencies to wall off information technology (IT) systems behind a secure network perimeter. A year later, federal agencies are “on the clock” and actively working to integrate Zero Trust architecture into their existing IT environment.

According to a May 2022 report from General Dynamics Information Technology (GDIT), the "Agency Guide to Zero Trust Maturity,"  civilian and federal agencies are making progress toward meeting zero trust but continue to face significant challenges in implementation, such as lack of IT expertise, identifying and prioritizing needs and concerns around repairing or rebuilding existing legacy infrastructure.

With a September 2024 deadline looming for compliance, NITAAC can help. We already support over $2.3 billion in cybersecurity obligations. Our three Best in Class Government-Wide Acquisition Contracts (GWACs) connect agencies with Contract Holders who have already proven successful at developing customized, flexible cybersecurity solutions.

The CIO-SP3 and CIO-SP3 Small Business GWACs have specific Task Areas where agencies can fulfill the need for cybersecurity solutions, such as Task Area 1 (IT Services for Biomedical Research, Health Sciences and Healthcare), Task Area 3 (Imaging) and Task Area 7 (Critical Infrastructure and Information Assurance). CIO-CS offers managed solutions on-premise or offsite, along with “as-a-service” commodity buys for out-of-the-box setup and distribution.

In fact, many of our Contract Holders have cleared personnel (both within the various DHS agencies and within the DoD) ready to support the federal government in a variety of positions that require access to sensitive information.

NITAAC is poised to help agencies tackle the challenges identified in the report head-on and get them on track to Zero Trust compliance.

Challenge #1: Lack of IT expertise

All NITAAC Contracting Officers are Digital IT Acquisition Professional (DITAP) certified, which means they are well-versed in designing innovative and flexible procurements for information technology and digital transformation. If your agency lacks the time, or manpower, to complete the acquisition in-house, NITAAC contracting professionals will work with you to determine the best course forward for your acquisition, from the market research and acquisition planning phase, all the way through administration and closeout. NITAAC will pair you with an experienced Contracting Officer capable of identifying innovative information technology contracting approaches on any of our three Best in Class GWACs.

Challenge #2: Identifying and prioritizing needs and concerns

Cybersecurity products and services are available from industry leading Contract Holders under CIO-SP3, CIO-SP3 Small Business and CIO-CS. Our Contract Holders have the right cybersecurity solutions in place, and the federal performance experience, to ensure agencies can accomplish their missions knowing their information is protected and Zero Trust compliant. Once selected, our Contract Holders will partner with your agency to ensure that your cyber strategy addresses all the elements of a Zero Trust architecture, such as endpoint risk posture or internet access, to minimize agency risk against evolving cyber threats.

Challenge #3: Repairing or rebuilding existing legacy infrastructure

The current push for modernization is not just about updating or replacing old technology. It’s about finding more cost-effective, innovative approaches to delivering IT services and improving services delivered to the citizen. Here at NITAAC, we get it. That’s why our Contracting Officers are so essential to our offerings. We have a team of FAC-C-DS Level-III certified contracting professionals who can guide customers through every step of the acquisition lifecycle.

We understand how to leverage different contract vehicles, how to define IT requirements accurately and clearly, and how to translate those requirements into solutions that work. Using proven methods, we can get from requirements definition to award in as few as 30 days. It’s acquisition at the speed of innovation.

Whatever your cybersecurity needs, NITAAC offers an array of Best in Class cybersecurity services and solutions through our three GWACs, each with specific Task Areas where agencies can fulfill the need for their cybersecurity solutions.

We can’t promise that the road to Zero Trust will always be easy. But, what we can promise is that our acquisition process will support your efforts, rather than frustrate them.

To learn more about NITAAC’s cybersecurity solutions, visit nitaac.nih.gov/cybersecurity.