CISA Cancels $2.4 Billion Cybersecurity Procurement

A multi-billion dollar vision by the Cybersecurity and Infrastructure Security Agency for its government-wide network intrusion detection and prevention system went kaput on Friday, court documents show.

See Also: New Attacks. Skyrocketing Costs. The True Cost of a Security Breach.

The federal cyber defense agency notified the U.S. Court of Federal Claims that it decided to withdraw an offer for worth up to $2.4 billion to government contractor Leidos to support the National Cybersecurity Protection System – more commonly known as the “Einstein” system.

The problem isn’t Leidos, the agency said, it’s them. The Department of Homeland Security – of which CISA is a component – “determined that the agency’s requirements with respect to its IT and cybersecurity service needs have significantly changed in light of organizational changes and changes in priorities,” it told Judge Zachary N. Somers. The agency said it is investigating “the best means of fulfilling its future requirements.” The judge on Monday dismissed the case.

The department was a defendant in the court with jurisdiction over monetary claims against federal agencies after Leidos rival Nightwing accused CISA of performing a flawed evaluation and overlooking the presence of a former CISA program manager on the Leidos team.

DHS dubbed the contract the “Agile Cybersecurity Technical Solutions” and pledged in a non-public December 2022 solicitation to transform the network security program into a broader “services organization” supporting government cybersecurity. ACTS, awarded to Leidos in February 2024, was meant to be a successor to a $1.15 billion NCPS contract known as Domino, awarded in 2017 to Raytheon. Nighwing spun out from Rayethon in 2024, taking the contract with it (see: Nightwing CEO on Post-Raytheon Independence, Cyber Expertise).

Nightwing asserted that the unnamed Leidos employee had access to Nighwing confidential staffing information and unfettered access to nonpublic technical performance information. Information Security Media Group has asked Leidos to comment.

The Einstein system has come under periodic criticism for its mixed effectiveness, including a 2016 analysis by the Government Accountability Office finding the system “is partially, but not fully, meeting its stated systems objectives.”

CISA has said it plans to supplement its older Einstein intrusion detection system with a more modern “Cyber Analytics and Data System” compromising a “Joint Collaboration Environment.”

During a September 2023 congressional hearing, an executive with cybersecurity firm CrowdStrike characterized Eintstein as a relic of an earlier time when defenses concentrated at network perimeters. “However useful Einstein was at inception or at its peak efficacy, its value has eroded over time,” said Robert Sheldon, senior director of public policy.

CISA didn’t detail its motivation for canceling the ACTS procurement in its court filing. The agency has lost personnel in the first months of the Trump administration and faces an uncertain future. The White House earlier this month proposed cutting its budget by $500 million in the coming fiscal year (see: CISA’s Acting Director Defends Cuts Amid Growing Turmoil).