*** The approved product list for the Continuous Diagnostics and Mitigation (CDM) program is now hosted at NASA's Solution for Enterprise-Wide Procurement (SEWP). The Cybersecurity and Infrastructure Security Agency, which manages CDM, worked with NASA to add the approved products list to make CDM offerings more assessable to federal customers. The General Services Administration still hosts the CDM approved products list for use by its customers; the addition of SEWP is designed to give more options for buyers. Cybersecurity vendors on the SEWP vehicle can seek approval from CISA to sell their products and services via the CDM catalog.
*** The Department of Homeland Security now expects to make awards on its $10 billion FirstSource III small business IT hardware and software contract vehicle in August 2022, according to a Nov. 4 posting on SAM.com. DHS had previously anticipated being able to make awards in February 2022.
*** The $1 trillion-plus bipartisan infrastructure bill passed by the House of Representatives after a late vote on Friday and signed into law on Saturday includes $21 million to stand up the new office of the National Cyber Director and also includes a requirement for the Cybersecurity and Critical Infrastructure Agency and the Environmental Protection Agency to assess the most serious cyber risks to U.S. water supplies and plan to make mitigation and defense tools available to local governments to protect water systems against attack.