CIA’s Next Cloud Contract May Be Worth $10B: This Is IT

The Central Intelligence Agency is moving ahead with a new cloud services contract, according to a presolicitation notice released on the intelligence community’s Acquisition Research Center (ARC) website on Sept. 30. A CIA industry day presentation March 22 has estimated its total value in the “tens of billions.”

Unlike the controversial JEDI cloud contract being competed by the Department of Defense, the CIA vehicle will also be used to acquire “services from multiple commercial vendors,” according to the notice.

The CIA’s contract, known as Commercial Cloud Enterprise (C2E), is a follow-on to the $600 million Commercial Cloud Services (C2S) contract, which was awarded to Amazon Web Services Inc. in 2013. C2E will expand on the C2S capabilities by adding new commercial services, boosting computing and storage capacity, and offering additional support at the UNCLASSIFIED and SECRET levels.

The C2E competition will have three parts:

  • Cloud Service Provider (CSP) acquisition — A multiple-award indefinite-delivery/indefinite quantity contract for professional services and foundational cloud services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
  • Systems Integrator/Multicloud Management (SIMM) acquisition — System integration tools and support for the foundational cloud services purchased in the CSP acquisition.
  • Niche PaaS and SaaS acquisitions — Multiple contracts for distinct or specialized segments of PaaS and SaaS offerings to augment those acquired in the CSP acquisition.

Additional documentation, including a statement of objectives and a systems requirements document, were released Sept. 23 and are also available on the ARC website. The documents indicate that classified information up through Top Secret/Sensitive Compartmented Information (TS-SCI) will be processed on the system.

The CIA’s notice says that the prime contractor must be “an established cloud service provider with an existing, large-scale public offering,” which it defines as “generating at least $2 billion in annual revenue from all cloud operations.” This phase of the project is designed for large cloud vendors, but integration support and teaming arrangements are likely to be required in the future, according to a Q&A document released in April. Companies expected to compete for this contract include Inc.Microsoft Corp. and Google LLC.

BGOV’s Take

With a Bloomberg Government estimated total value of at least $10 billion, the C2E contract is listed as one of BGOV’s Top 20 opportunities, and it’s also among BGOV’s Top 10 information technology opportunities in fiscal 2020.

Representing an expanded move into the cloud, the latest contract demonstrates just how significant the CIA’s original award to Amazon was in 2013. At the time, it came as a surprise that an agency with such high level security requirements would entrust its data to a commercial company like Amazon, which hadn’t previously been a major player in defense and intelligence IT contracting — and that the CIA would embrace cloud computing, which by definition would provide multiple access points to sensitive information.

The CIA appears to be satisfied with its venture into cloud computing and is now seeking to broaden its cloud-based services. While the incumbent, Amazon, is likely to be highly competitive for C2E, the CIA is seeking to bring in other contractors for some of the work, and there will be multiple opportunities. The CIA’s embrace of the cloud has probably been influential in encouraging other agencies, both military and civilian, to modernize and migrate to cloud-based, service-oriented environment.

Companies interested in qualifying for the competition must complete a table provided in the presolicitation notice by Oct. 10.

More information on this opportunity can be found on the ARC website, which is unclassified but does require registration to log in.

To contact the analyst: Robert Levinson in Washington, D.C. at

To contact the editors responsible for this story: Daniel Snyder at; Jodie Morris at