Photo: Thomas Trutschel/Photothek via Getty Images

The Department of Homeland Security announced Tuesday it is awarding a $1.03 billion contract to Booz Allen Hamilton to boost cybersecurity vulnerability detection and mitigation in six federal agencies.

Why it matters: Almost 75% of agencies are vulnerable to cyberattacks because they don’t understand their risk, the Office of Management and Budget found earlier this year.

This is not Booz Allen’s first go at boosting government agencies’ cybersecurity — the consultancy has been working with the government-wide project under which this award falls for over 5 years.

  • Booz also won a multi-million dollar contract in May for seven other agencies under the Continuous Diagnostics and Mitigation (CDM) project.
  • Scope: Including both contracts, Booz Allen now secures “nearly 80% of the .gov enterprise, including 4.1 million network addressable devices, more than 1.75 million users, over 19,700 sites, and 89 individual Federal organizations,” per the announcement.

The details:

  • On this contract: Booz is now locked in for the next 6 years working with the General Services Administration, the Department of Health and Human Services, National Aeronautics and Space Administration, the Social Security Administration, the Treasury Department, and the U.S. Postal Service.
  • The earlier contract covered the Executive Office of the President and the Office of Personnel Management, as well as the departments of Energy, Veterans Affairs, Interior, Transportation, and Agriculture.

How it works: Agencies install network sensors to analyze cybersecurity gaps to help prioritize them. This can include anything from finding out which systems are un-patched to managing cloud security to access privileges to where data is flowing.

  • At a macro level, the goal is to allow the federal government to assess trends in cybersecurity risk across agencies. At a smaller scale, the aim is to help fulfill Federal Information Security Management Act (FISMA) mandates.

What to expect: The need for cybersecurity risk assessments is only going to grow, since information technology and cybersecurity are evolving fast, leaving agencies playing catchup.

  • “We can't predict what’s going to be here in 6 years as the threats evolve,” Rob Allegar, a Booz Allen Vice President and lead for the firm’s work on the project, told Axios. “And if you look at where IT is going across many of these agencies, the agencies are not static” as they “move to the cloud, move to a mobile workforce…all of these things are going to require different IT systems” with different risks.

Go deeper

Updated 43 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 7 p.m. ET: 12,859,834 — Total deaths: 567,123 — Total recoveries — 7,062,085Map.
  2. U.S.: Total confirmed cases as of 7 p.m. ET: 3,297,501— Total deaths: 135,155 — Total recoveries: 1,006,326 — Total tested: 40,282,176Map.
  3. States: Florida smashes single-day record for new coronavirus cases with over 15,000 — NYC reports zero coronavirus deaths for first time since pandemic hit.
  4. Public health: Ex-FDA chief projects "apex" of South's coronavirus curve in 2-3 weeks — Coronavirus testing czar: Lockdowns in hotspots "should be on the table"
  5. Education: Betsy DeVos says schools that don't reopen shouldn't get federal funds — Pelosi accuses Trump of "messing with the health of our children."

Scoop: How the White House is trying to trap leakers

Illustration: Sarah Grillo/Axios

President Trump's chief of staff, Mark Meadows, has told several White House staffers he's fed specific nuggets of information to suspected leakers to see if they pass them on to reporters — a trap that would confirm his suspicions. "Meadows told me he was doing that," said one former White House official. "I don't know if it ever worked."

Why it matters: This hunt for leakers has put some White House staffers on edge, with multiple officials telling Axios that Meadows has been unusually vocal about his tactics. So far, he's caught only one person, for a minor leak.

11 GOP congressional nominees support QAnon conspiracy

Lauren Boebert posing in her restaurant in Rifle, Colorado, on April 24. Photo: Emily Kask/AFP

At least 11 Republican congressional nominees have publicly supported or defended the QAnon conspiracy theory movement or some of its tenets — and more aligned with the movement may still find a way onto ballots this year.

Why it matters: Their progress shows how a fringe online forum built on unsubstantiated claims and flagged as a threat by the FBI is seeking a foothold in the U.S. political mainstream.