DoD's $39.9M cybersecurity support contract awarded to Sentar, Inc. for policy compliance and information security

Contract Overview

Contract Amount: $39,910,809 ($39.9M)

Contractor: Sentar, Inc.

Awarding Agency: Department of Defense

Start Date: 2018-05-03

End Date: 2021-05-02

Contract Duration: 1,095 days

Daily Burn Rate: $36.4K/day

Competition Type: FULL AND OPEN COMPETITION

Number of Offers Received: 12

Pricing Type: COST PLUS FIXED FEE

Sector: IT

Official Description: PROVIDE SUPPORT TO THE CYBERSECURITY POLICY INITIATIVES, AND PROVIDE SUPPORT TO DHA INFORMATION SECURITY DIVISION. EXECUTE CYBERSECURITY SERVICES TO ASSIST IN ENSURING COMPLIANCE WITH FEDERAL, DEPARTMENT OF DEFENSE (DOD), AND DHA AND SUBSERVICES REGULATIONS AND POLICIES. ASSIST IN PROJECT EXECUTION OF CS POLICY SERVICES AT LOCATIONS THROUGHOUT THE CONTINENTAL US (CONUS) AND OUTSIDE THE CONTINENTAL US (OCONUS) AREAS. IGF::OT::IGF

Place of Performance

Location: HUNTSVILLE, MADISON County, ALABAMA, 35806

State: Alabama Government Spending

Plain-Language Summary

Department of Defense obligated $39.9 million to SENTAR, INC. for work described as: PROVIDE SUPPORT TO THE CYBERSECURITY POLICY INITIATIVES, AND PROVIDE SUPPORT TO DHA INFORMATION SECURITY DIVISION. EXECUTE CYBERSECURITY SERVICES TO ASSIST IN ENSURING COMPLIANCE WITH FEDERAL, DEPARTMENT OF DEFENSE (DOD), AND DHA AND SUBSERVICES REGULATIONS AND POLICIES. ASSIST… Key points: 1. Contract focuses on ensuring compliance with federal, DoD, and DHA cybersecurity regulations. 2. Services span both continental and outside continental US locations, indicating broad operational scope. 3. The contract type is Cost Plus Fixed Fee, which can lead to cost overruns if not managed carefully. 4. Performance period of three years suggests a need for sustained cybersecurity support. 5. The award was made under full and open competition, implying a robust bidding process.

Value Assessment

Rating: good

The contract's total value of $39.9 million over three years averages approximately $13.3 million annually. Benchmarking this against similar cybersecurity support contracts for federal agencies is challenging without more specific service details. However, the Cost Plus Fixed Fee structure suggests that the government is paying for actual costs plus a negotiated fixed fee, which can be efficient if costs are well-controlled. The number of bids received (10) indicates a competitive market for these services.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

This contract was awarded under full and open competition, with 10 offers received. This indicates a healthy level of competition for cybersecurity support services within the Department of Defense. The multiple bidders suggest that various companies possess the capabilities to meet the government's requirements, which generally leads to better price discovery and potentially more favorable terms for the government.

Taxpayer Impact: The full and open competition process is beneficial for taxpayers as it allows for a wider pool of potential contractors to bid, driving down prices and ensuring the government receives competitive offers for its cybersecurity needs.

Public Impact

The Department of Defense (DoD) and its sub-service, the Defense Health Agency (DHA), are the primary beneficiaries, receiving enhanced cybersecurity policy and information security support. Services delivered include assisting in ensuring compliance with federal, DoD, and DHA regulations and policies. The contract has a geographic impact across both Continental US (CONUS) and Outside Continental US (OCONUS) areas, supporting a global operational footprint. Workforce implications include potential support roles for cybersecurity analysts, policy experts, and project managers, both within the contractor and potentially within the government agencies receiving support.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

  • Cost Plus Fixed Fee contracts can incentivize contractors to increase costs to maximize profit if not closely monitored.
  • The broad scope of services and geographic reach may present logistical and management challenges.
  • Ensuring consistent compliance across diverse federal, DoD, and DHA regulations requires robust oversight.

Positive Signals

  • Awarded under full and open competition with 10 offers, indicating a competitive market and good price discovery.
  • The contract duration of three years allows for sustained support and development of expertise.
  • Focus on cybersecurity policy and information security is critical for national defense and data protection.

Sector Analysis

The cybersecurity services market is a rapidly growing sector within the broader IT services industry, driven by increasing cyber threats and stringent regulatory requirements. Federal agencies, particularly the Department of Defense, are significant spenders in this area. This contract fits within the segment of cybersecurity consulting and support, focusing on policy development, compliance, and information security. Comparable spending benchmarks are difficult to establish without granular detail, but the overall federal cybersecurity spending is in the tens of billions annually.

Small Business Impact

This contract was not set aside for small businesses and was awarded to Sentar, Inc., a large business. There is no explicit mention of subcontracting requirements for small businesses within the provided data. Therefore, the direct impact on the small business ecosystem is likely minimal unless Sentar, Inc. voluntarily engages small businesses for subcontracting opportunities.

Oversight & Accountability

Oversight for this contract would typically fall under the contracting officer and the relevant program management offices within the Department of Defense and the Defense Health Agency. Accountability measures are inherent in the Cost Plus Fixed Fee structure, requiring detailed cost reporting and justification. Transparency is facilitated through contract award databases, but specific performance metrics and oversight reports are often internal. Inspector General jurisdiction would apply in cases of fraud, waste, or abuse.

Related Government Programs

  • DoD Cybersecurity Strategy
  • Defense Health Agency Information Security Program
  • Federal Information Security Modernization Act (FISMA) Compliance
  • Cybersecurity Policy Development Support
  • Information Assurance Services

Risk Flags

  • Cost Plus Fixed Fee contract type requires diligent oversight to manage potential cost escalations.
  • Broad geographic scope (CONUS/OCONUS) may introduce logistical complexities and require adaptable security solutions.
  • Ensuring consistent compliance across multiple regulatory frameworks (Federal, DoD, DHA) is a significant undertaking.

Tags

it, defense, cybersecurity, dod, dha, cost-plus-fixed-fee, full-and-open-competition, engineering-services, policy-support, information-security, conus, oconus

Frequently Asked Questions

What is this federal contract paying for?

Department of Defense awarded $39.9 million to SENTAR, INC.. PROVIDE SUPPORT TO THE CYBERSECURITY POLICY INITIATIVES, AND PROVIDE SUPPORT TO DHA INFORMATION SECURITY DIVISION. EXECUTE CYBERSECURITY SERVICES TO ASSIST IN ENSURING COMPLIANCE WITH FEDERAL, DEPARTMENT OF DEFENSE (DOD), AND DHA AND SUBSERVICES REGULATIONS AND POLICIES. ASSIST IN PROJECT EXECUTION OF CS POLICY SERVICES AT LOCATIONS THROUGHOUT THE CONTINENTAL US (CONUS) AND OUTSIDE THE CONTINENTAL US (OCONUS) AREAS. IGF::OT::IGF

Who is the contractor on this award?

The obligated recipient is SENTAR, INC..

Which agency awarded this contract?

Awarding agency: Department of Defense (Department of the Navy).

What is the total obligated amount?

The obligated amount is $39.9 million.

What is the period of performance?

Start: 2018-05-03. End: 2021-05-02.

What is Sentar, Inc.'s track record with the Department of Defense and similar cybersecurity contracts?

Sentar, Inc. has a history of performing IT and cybersecurity services for various government agencies, including the Department of Defense. Prior to this contract, they have held other DoD contracts related to network security, information assurance, and technical support. Their experience often involves supporting complex defense systems and ensuring compliance with stringent security protocols. Analyzing their past performance on similar Cost Plus Fixed Fee contracts would be crucial to assess their ability to manage costs effectively and deliver on technical requirements. A review of past performance evaluations and any documented issues or successes on previous DoD engagements would provide further insight into their reliability and capability in delivering cybersecurity support.

How does the $39.9 million value compare to other cybersecurity support contracts awarded by the DoD or DHA?

The $39.9 million value over three years, averaging approximately $13.3 million annually, places this contract in the mid-to-large range for specialized cybersecurity support services. The DoD and DHA procure a wide spectrum of cybersecurity services, from large-scale system development and integration to smaller, focused support tasks. Contracts for comprehensive cybersecurity policy development, compliance assurance, and information security division support, especially those with CONUS and OCONUS reach, can easily reach tens of millions of dollars. Without specific details on the scope of services for comparison contracts, it's difficult to provide a precise benchmark. However, this award appears consistent with the scale of investment required for robust cybersecurity operations within a major federal agency like the DoD.

What are the primary risks associated with a Cost Plus Fixed Fee (CPFF) contract for cybersecurity services?

The primary risk with a Cost Plus Fixed Fee (CPFF) contract for cybersecurity services is the potential for cost overruns. While the fee is fixed, the 'cost' portion is reimbursable, meaning the contractor is paid for actual expenses incurred. If the contractor's costs are higher than anticipated due to inefficiencies, scope creep not properly managed, or unforeseen technical challenges, the total contract value can increase significantly, exceeding initial estimates. For cybersecurity, this can be exacerbated by the rapidly evolving threat landscape requiring new tools or approaches, or complex compliance environments. Effective oversight, detailed cost tracking, and strong program management are essential to mitigate these risks and ensure the government receives value for its expenditure.

How effective is the current cybersecurity policy support likely to be given the contract's objectives?

The effectiveness of the cybersecurity policy support hinges on several factors, including the clarity of the policy initiatives, the expertise of Sentar, Inc.'s personnel, and the level of collaboration with the DHA Information Security Division. The contract aims to ensure compliance with federal, DoD, and DHA regulations, which is a critical function. Success will be measured by the agency's ability to maintain compliance, adapt to new threats, and implement robust security measures. The broad geographic scope (CONUS/OCONUS) suggests a need for adaptable policies and consistent implementation. Regular performance reviews, clear deliverables, and strong government oversight are crucial indicators of potential effectiveness. The contract's success is directly tied to the government's ability to define clear policy goals and monitor adherence.

What are the historical spending patterns for cybersecurity support within the DHA or similar DoD entities?

Historical spending patterns for cybersecurity support within the DHA and similar DoD entities show a consistent and increasing trend over the years. As cyber threats evolve and the volume of sensitive data managed by these organizations grows, so does the investment in cybersecurity. This includes spending on policy development, threat detection, incident response, compliance monitoring, and personnel training. Contracts for these services often range from a few million to tens or even hundreds of millions of dollars, depending on the scope and duration. The $39.9 million awarded to Sentar, Inc. aligns with the significant resources allocated to maintaining a strong cybersecurity posture within defense health systems, reflecting a sustained commitment to protecting critical information infrastructure.

Industry Classification

NAICS: Professional, Scientific, and Technical ServicesArchitectural, Engineering, and Related ServicesEngineering Services

Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONSADP AND TELECOMMUNICATIONS

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Solicitation ID: N6523617R3090

Offers Received: 12

Pricing Type: COST PLUS FIXED FEE (U)

Evaluated Preference: NONE

Contractor Details

Parent Company: Sentar Inc.

Address: 675 DISCOVERY DR NW, HUNTSVILLE, AL, 35806

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Small Business, Special Designations, U.S.-Owned Business, Woman Owned Business, Women Owned Small Business

Financial Breakdown

Contract Ceiling: $46,934,449

Exercised Options: $46,934,449

Current Obligation: $39,910,809

Actual Outlays: $82,937

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES PROCEDURES NOT USED

Cost or Pricing Data: NO

Parent Contract

Parent Award PIID: N0017814D7490

IDV Type: IDC

Timeline

Start Date: 2018-05-03

Current End Date: 2021-05-02

Potential End Date: 2021-05-02 00:00:00

Last Modified: 2025-09-22

More Contracts from Sentar, Inc.

View all Sentar, Inc. federal contracts →

Other Department of Defense Contracts

View all Department of Defense contracts →

Explore Related Government Spending