Cybersecurity RFPs

Ann Arbor Public Schools has issued a Request for Proposals for Cybersecurity services under Opportunity ID RFP-AAP-260000002083-1. The solicitation was officially posted on the State of Michigan SIGMA Vendor Self Service system on May 22, 2026. Interested vendors must search the SIGMA portal using the specific Opportunity ID to access full documentation and submission requirements before the June 4, 2026 deadline.

Provide cybersecurity management program.

Procurement of comprehensive cybersecurity services, including risk assessment, managed security, incident response, compliance, policy development, and training for information technology infrastructure, systems, and data.

The U.S. Nuclear Regulatory Commission (NRC) has posted a solicitation seeking research and technical services on the cybersecurity of novel technology implementations in operating and new/advanced reactors, with an emphasis on artificial intelligence and machine learning. The opportunity is a Total Small Business Set-Aside (NAICS 541715) and was published on 2026-05-05; proposals are due 2026-05-26 at 16:00 US/Eastern. The primary contracting point of contact is Jeffrey R. Mitchell and additional solicitation documents are available on the NRC’s FedConnect posting.

The Department of Transportation issued a justification to extend an existing BPA order for cybersecurity management support services to allow for IT workforce restructuring. The extension moves the order expiration from April 2026 to August 2026 and covers tasks such as vulnerability management, FISMA compliance, and CDM tool operations. The scope includes the use of AI for risk management modernization and alignment with OMB and Executive Order 14028 guidance.

Johnson County is seeking proposals from qualified vendors to provide comprehensive managed IT and cybersecurity services, including help desk support, network monitoring, and patch management. The scope encompasses business continuity, disaster recovery, and security systems monitoring to ensure the integrity of the county's digital infrastructure. Proposals must be submitted to the Commissioners Office in Buffalo, Wyoming, by the specified deadline in May 2026.

Cybersecurity of novel technology implementations in operating and new/advanced reactors - artificial intelligence and machine learning.

Provide Cybersecurity and Privacy Support Services.

Cybersecurity Audit Analyst.

The Region 5 Education Service Center issued an RFP for Property, Liability, Cybersecurity, and Windstorm/Terrorism coverage for the contract period July 1, 2026 – June 30, 2027 with options for multi-year extensions. The solicitation requests proposers provide specimen coverage documents, quote multiple plan options, and meet licensing, financial statement, and insurance requirements. Submissions are due via the buyer’s Bonfire portal on June 22, 2026, with vendor questions due by June 12, 2026.

The University of Michigan is seeking proposals from qualified suppliers to conduct a cybersecurity program maturity assessment aligned with the NIST Cybersecurity Framework. The selected vendor will partner with technology teams across U-M Health hospital systems to perform interviews, information gathering, and assessment activities. This initiative aims to evaluate and enhance the cybersecurity posture of the university's healthcare infrastructure over a three-year contract term.

The Universal Service Administrative Company (USAC) has issued a Request for Proposals to acquire Enterprise Cybersecurity and Monitoring Services and provided instructions on how to respond. The solicitation (IT-26-073) is posted via USAC’s procurement page and is listed on SAM.gov as a Combined Synopsis/Solicitation; proposals are due June 10, 2026 at 11:00 AM ET. This is a procurement and communications are to be directed to USAC’s contracting office contacts listed in the SAM.gov notice.

Seeking experienced and qualified operational technology (OT) cybersecurity consultants to provide an infrastructure servers and architecture survey and provide an upgrade to critical cybersecurity documents. The successful proposer must offer critical OT Cybersecurity survey services and provide cybersecurity documents including Incident Response Procedure, Business Continuity Plan, Disaster Recovery Plan, and OT Cybersecurity Policies and Procedures at the UConn Cogeneration Facility. See attached files.

WorkSafeBC is seeking proposals for a comprehensive cybersecurity awareness training solution to educate its workforce. The selected provider will deliver services aimed at improving the organization's security posture through structured training modules. All official documents and amendments for this solicitation are hosted on the BC Bid portal.

Requesting proposals from qualified vendors to obtain a cybersecurity maturity model certification (cmmc) assessment.

Develop and deliver a comprehensive disaster relief and all-hazards emergency management plan,, inclusive of cybersecurity and information systems resilience, for the authority's public housing developments and administrative operations. See attached file.

Provide services for cybersecurity audit & hipaa/hitech readiness compliance assessment reference.

The Kentucky Horse Racing and Gaming (KHRG) seeks a single qualified Managed Services Provider for comprehensive IT management and proactive cybersecurity services, including data migration from state-owned platforms and assistance with transition-related activities. This includes serving as an outsourced Virtual Chief Information Officer/Virtual Chief Information Security Officer (vCIO/vCISO) and assisting with a future RFP for website and application rebuilding.

The University of Michigan seeks qualified suppliers to partner with technology teams across its hospital systems to perform interviews, information gathering, and a cybersecurity capability maturity assessment aligned with the NIST Cybersecurity Framework. The selected supplier will deliver an assessment, associated deliverables, and enter into a multi-year contract with an anticipated three-year term. The solicitation is currently open with a submission deadline of June 8, 2026.

The Space Acquisition and Integration Office (SAIO) of the U.S. Department of Defense is seeking industry input via a Request for Information (RFI) for the Communications, Network, Engineering, Cybersecurity, and Information Technology Services (CNECTS) contract, an estimated $300M–$360M program. The government is requesting industry feedback on acquisition strategy, evaluation criteria, and risk assessment and will host an industry day and limited one-on-one sessions in Colorado Springs. Registration for the industry day is required by February 23, 2026, with the event scheduled for March 11, 2026.