DHS awards $18.2M contract to MITRE for R&D in cybersecurity, with no competition
Contract Overview
Contract Amount: $18,204,168 ($18.2M)
Contractor: THE Mitre Corporation
Awarding Agency: Department of Homeland Security
Start Date: 2023-04-17
End Date: 2024-04-16
Contract Duration: 365 days
Daily Burn Rate: $49.9K/day
Competition Type: NOT COMPETED
Pricing Type: COST PLUS FIXED FEE
Sector: R&D
Official Description: SYSTEM ENGINEERING AND ACQUISITION EXPERTISE FOR CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM
Place of Performance
Location: MCLEAN, FAIRFAX County, VIRGINIA, 22102
State: Virginia Government Spending
Plain-Language Summary
Department of Homeland Security obligated $18.2 million to THE MITRE CORPORATION for work described as: SYSTEM ENGINEERING AND ACQUISITION EXPERTISE FOR CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM Key points: 1. Contract focuses on critical cybersecurity research and development for capability delivery and vulnerability management. 2. Sole-source award to The MITRE Corporation raises questions about competitive pricing and market fairness. 3. Significant investment in R&D highlights the government's commitment to addressing evolving cyber threats. 4. Performance period of one year suggests a focused effort on specific cybersecurity objectives. 5. The contract's value, while substantial, needs benchmarking against similar R&D efforts in the cybersecurity sector. 6. Lack of competition may limit opportunities for innovative solutions from other qualified entities.
Value Assessment
Rating: fair
The contract value of $18.2 million for one year of R&D services is substantial. Without a competitive bidding process, it is difficult to definitively assess value for money. Benchmarking against similar sole-source R&D contracts for cybersecurity expertise would be necessary to determine if the pricing is fair. The Cost Plus Fixed Fee (CPFF) contract type can sometimes lead to higher costs if not carefully managed, but it is often used for R&D where scope can be uncertain.
Cost Per Unit: N/A
Competition Analysis
Competition Level: sole-source
This contract was awarded on a sole-source basis, meaning only one vendor, The MITRE Corporation, was solicited. This approach bypasses the standard competitive procurement process. While sole-source awards can be justified for unique capabilities or urgent needs, they limit the government's ability to explore a wider range of solutions and potentially secure better pricing through competition.
Taxpayer Impact: Taxpayers may not be receiving the best possible value due to the absence of competitive pressure, which typically drives down costs and encourages innovation.
Public Impact
The Department of Homeland Security (DHS) is the primary beneficiary, receiving critical R&D support for cybersecurity. Services delivered include expertise in capability delivery and addressing common vulnerabilities and exposures (CVE) and common weakness enumerations (CWE). The geographic impact is national, focusing on federal cybersecurity infrastructure and defense. Workforce implications include leveraging specialized R&D talent within The MITRE Corporation.
Waste & Efficiency Indicators
Waste Risk Score: 50 / 10
Warning Flags
- Sole-source award limits competitive pricing and potential innovation from other firms.
- CPFF contract type requires diligent oversight to manage costs effectively.
- Lack of transparency in the justification for sole-source procurement.
Positive Signals
- Award to a reputable organization (MITRE) with a strong track record in cybersecurity research.
- Focus on critical R&D areas like CVE and CWE directly addresses national security needs.
- Clear performance period allows for focused project execution.
Sector Analysis
This contract falls within the Research and Development sector, specifically focusing on physical, engineering, and life sciences, with a strong emphasis on cybersecurity. The market for cybersecurity R&D is highly specialized, with a few key players like MITRE often engaged in government-funded research due to their expertise and established relationships. Comparable spending benchmarks would involve looking at other federal R&D contracts in cybersecurity, particularly those awarded to Federally Funded Research and Development Centers (FFRDCs).
Small Business Impact
This contract does not appear to involve small business set-asides, nor is there an indication of subcontracting requirements for small businesses. The sole-source nature of the award to a large, established research organization like MITRE typically means that opportunities for small businesses to participate directly are limited. This could represent a missed opportunity to foster small business innovation in the cybersecurity space.
Oversight & Accountability
Oversight for this contract would primarily fall under the Department of Homeland Security's contracting and program management offices. As a Cost Plus Fixed Fee (CPFF) contract, rigorous financial and performance oversight is crucial to ensure costs remain reasonable and deliverables are met. The Inspector General's office within DHS would have jurisdiction to investigate any potential fraud, waste, or abuse related to this award.
Related Government Programs
- Cybersecurity Research and Development Programs
- National Cybersecurity Strategy Initiatives
- Vulnerability Management Programs
- Information Technology Research
- Department of Homeland Security R&D Funding
Risk Flags
- Sole-source award lacks competitive justification.
- Potential for cost overruns in CPFF contract type.
- Limited transparency in procurement process.
- Missed opportunity for small business participation.
Tags
cybersecurity, research-and-development, department-of-homeland-security, mitre-corporation, sole-source, cost-plus-fixed-fee, national-security, vulnerability-management, virginia, it-services, federal-contract
Frequently Asked Questions
What is this federal contract paying for?
Department of Homeland Security awarded $18.2 million to THE MITRE CORPORATION. SYSTEM ENGINEERING AND ACQUISITION EXPERTISE FOR CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM
Who is the contractor on this award?
The obligated recipient is THE MITRE CORPORATION.
Which agency awarded this contract?
Awarding agency: Department of Homeland Security (Office of Procurement Operations).
What is the total obligated amount?
The obligated amount is $18.2 million.
What is the period of performance?
Start: 2023-04-17. End: 2024-04-16.
What is The MITRE Corporation's track record with similar sole-source R&D contracts for DHS?
The MITRE Corporation has a long history of working with government agencies, including DHS, often through sole-source or limited-competition contracts due to its status as a Federally Funded Research and Development Center (FFRDC). They specialize in systems engineering, research, and development, particularly in areas critical to national security and cybersecurity. Analyzing past DHS contracts awarded to MITRE for similar R&D efforts would reveal patterns in contract types, values, and performance outcomes. This historical data could help assess if the current $18.2 million award is consistent with previous engagements and if the justification for sole-source procurement is well-supported by their established expertise and unique capabilities in areas like CVE and CWE.
How does the $18.2 million value compare to similar cybersecurity R&D efforts within DHS or other agencies?
Benchmarking the $18.2 million contract value requires identifying comparable cybersecurity R&D contracts. This includes looking at contracts with similar objectives (e.g., vulnerability analysis, capability development), contract types (e.g., CPFF), and performers (e.g., FFRDCs or large research institutions). Without direct competitive data, comparisons are challenging. However, if other agencies or DHS itself have recently awarded competitive contracts for comparable cybersecurity R&D services, those values could serve as a benchmark. A significant deviation from competitive benchmarks, especially in a sole-source award, would warrant further scrutiny regarding pricing and overall value for money.
What are the specific risks associated with a sole-source award for cybersecurity R&D?
The primary risks associated with a sole-source award for cybersecurity R&D include potential overpayment due to lack of competition, limited access to a broader range of innovative solutions that might be offered by other firms, and a reduced incentive for the sole contractor to optimize performance and efficiency. For cybersecurity R&D, there's also a risk that the government might miss out on novel approaches or technologies developed by smaller, more agile companies. Furthermore, the justification for sole-source procurement must be robust; if it's not, it could indicate a failure in market research or an undue reliance on a single entity, potentially hindering the government's ability to adapt to rapidly evolving cyber threats.
How effective is MITRE in delivering on cybersecurity R&D objectives, based on past performance?
The MITRE Corporation generally has a strong reputation for effectiveness in delivering on cybersecurity R&D objectives, largely due to its FFRDC status and deep technical expertise. Their work often involves complex, long-term research and development initiatives that contribute significantly to national cybersecurity posture. Performance data from previous contracts, including DHS contracts, would provide specific insights. This would involve reviewing past performance evaluations, successful project completions, and the impact of their research on government capabilities. While generally considered effective, rigorous oversight and clear performance metrics within the current contract are still essential to ensure continued success.
What are the historical spending patterns for cybersecurity R&D by the Department of Homeland Security?
DHS historically allocates significant funding towards cybersecurity research and development to address the evolving threat landscape. Spending patterns often reflect priorities such as threat detection, vulnerability management, critical infrastructure protection, and advanced analytics. Analyzing historical spending data would reveal trends in the total amount invested, the distribution of funds across different cybersecurity domains, and the types of entities (e.g., FFRDCs, private companies, universities) that receive these funds. Understanding these patterns provides context for the current $18.2 million award, indicating whether it aligns with or deviates from established spending levels and priorities within DHS's cybersecurity R&D portfolio.
Industry Classification
NAICS: Professional, Scientific, and Technical Services › Scientific Research and Development Services › Research and Development in the Physical, Engineering, and Life Sciences (except Nanotechnology and Biotechnology)
Product/Service Code: RESEARCH AND DEVELOPMENT › General Science and Technology R&D Services
Competition & Pricing
Extent Competed: NOT COMPETED
Solicitation Procedures: ONLY ONE SOURCE
Pricing Type: COST PLUS FIXED FEE (U)
Evaluated Preference: NONE
Contractor Details
Address: 7515 COLSHIRE DR, MC LEAN, VA, 22102
Business Categories: Category Business, Corporate Entity Tax Exempt, Nonprofit Organization, Not Designated a Small Business, Special Designations, U.S.-Owned Business
Financial Breakdown
Contract Ceiling: $24,723,955
Exercised Options: $24,723,955
Current Obligation: $18,204,168
Actual Outlays: $18,204,168
Subaward Activity
Number of Subawards: 7
Total Subaward Amount: $3,192,345
Contract Characteristics
Commercial Item: COMMERCIAL PRODUCTS/SERVICES PROCEDURES NOT USED
Cost or Pricing Data: YES
Parent Contract
Parent Award PIID: 70RSAT20D00000001
IDV Type: IDC
Timeline
Start Date: 2023-04-17
Current End Date: 2024-04-16
Potential End Date: 2024-04-16 00:00:00
Last Modified: 2025-09-25
More Contracts from THE Mitre Corporation
- Center for Advanced Aviation Development (caasd) Ffrdc Mitre — $1.7B (Department of Transportation)
- FY25 Task Order 7 - to Provide Systems Engineering Research and Development Services for the Department of Defense (DOD) and Other Federal Government Agencies — $753.9M (Department of Defense)
- FY24 Task Order 6 - Initial Funding and Updating PWS & DD254 — $735.3M (Department of Defense)
- Caasd Must Provide Essential Engineering, Research, and Analysis Capabilities to Support the FAA in the Performance of ITS Mission Through a Systems Approach That Addresses ALL Dimensions (E.G. Political, Operational, Economic, Technical) Required to — $700.5M (Department of Transportation)
- Initial Modification on Task Order 5 Nsec, Ffrdc to Incrementally Fund, Update PWS & DD254 — $687.3M (Department of Defense)
Other Department of Homeland Security Contracts
- THE United States Coast Guard HAS a Requirement to Procure UP to Twenty-Six (26) Fast Response Cutters (frcs) on a Firm Fixed Price (FFP) Basis With an Economic Price Adjustment (EPA). Phase II of the FRC Program Will Complete the Fleet for a Total of 58 Cutters — $2.1B (Bollinger Shipyards Lockport, L.L.C.)
- Design and Construct NEW Vertical Barrier and Power Distribution, Lighting, Cameras, Equipment Shelters and Linear Ground Detection System (lgds) in Hildago County, NM — $1.8B (Fisher Sand & Gravel CO)
- Production&delivery of National Security Cutter (NSC) 6 — $1.7B (Huntington Ingalls Incorporated)
- YUM-2 Vertical Border and Waterborne Barrier Construction — $1.7B (Fisher Sand & Gravel CO)
- Construct Vertical Border Barrier — $1.6B (Fisher Sand & Gravel CO)