PrimeRFP SCOUT · Industry Intelligence

Cybersecurity Federal Contracts

Under PSC DA10 — Cybersecurity and Information Assurance, federal obligations totaled $6.4B across 5,928 contracts in the trailing 12 months (2025-04-29 → 2026-03-04), with an average award of $1.1M.

This page uses a PSC-led market view as the headline and a NAICS-based companion view for firm-classification analysis — see below.

$6.4B

12-Mo Obligations (Headline)

5,928

Contracts (12-Mo)

$1.1M

Avg Award Size

$53.0B

NAICS Companion (NAICS 5415)

Explore Cybersecurity Contracts in SCOUT →Create Free Account →

How this market is scoped

Headline view — Market

PSC DA10 — Cybersecurity and Information Assurance

Product Service Code — the federal taxonomy for what the government bought. The authoritative market-sizing lens.

Obligated: $6.4B · 5,928 contracts

Companion view — Firm classification

NAICS 5415 — Computer Systems Design firms (not cyber-specific)

NAICS describes a seller's industry classification — not what was bought. Use this view for firm-set analysis, not market sizing.

Obligated: $53.0B · 53,768 contracts

No NAICS cleanly isolates cybersecurity firms. NAICS 5415 is the broadest IT-services NAICS and captures any firm classified as a computer systems design provider — the vast majority of those awards are not cyber work. The NAICS 5415 total is shown here only to illustrate the NAICS lens and why it is not usable for cyber market sizing. Use the PSC DA10 headline above for the strict cyber services market.

Scope note: PSC DA10 is the strictest federal taxonomy for cybersecurity services. It excludes DA01 (Other IT & Telecom Support) and all non-D-series cyber-adjacent codes — readers should treat DA10 as cyber services only, not a broader cyber-and-IT market.

Scope note: DA10 obligations are also included in the OMB IT Category total on the IT & Software page (the two pages are different scopes of related data, not double counting).

Scope note: We previously labeled this page using NAICS 5415 prefix-matching, which conflated broader IT services with cyber. That methodology has been rescoped: DA10 is now the headline, NAICS 5415 is a companion firm-classification view with an explicit note that NAICS cannot cleanly identify cyber firms.

Data filters — reconstructible in USASpending

Every figure on this page is derived from the following filter set, applied to federal award data. Because SCOUT is a USASpending-derived extract, any number here can be reconstructed in USASpending Advanced Search using the scope label above plus these filters.

Scope: PSC DA10 — Cybersecurity and Information Assurance
Time window: Trailing 12 months (2025-04-29 → 2026-03-04)
Min award: ≥ $100,000 per transaction
Transaction type: Obligations only (federal_action_obligation). IDIQ/IDV base vehicles excluded.
Year type: calendar
Data source: PrimeRFP SCOUT (USASpending-derived extract)
Since date: 2025-04-28
Last refreshed: 2026-04-22

Top Agencies in Cybersecurity

Rank	Agency	Obligations
#1	Department of Veterans Affairs	$1.7B
#2	Department of Defense	$1.7B
#3	General Services Administration	$548.7M
#4	Department of Homeland Security	$521.3M
#5	Department of Agriculture	$365.6M

12-month aggregate · Scope: PSC · DA10 · PrimeRFP SCOUT

Top Cybersecurity Contractors

Rank	Contractor	Awards	Total Obligation
#1	V3Gate, LLC	84	$357.5M
#2	Deloitte Consulting LLP	26	$347.3M
#3	Accenture Federal Services LLC	94	$280.5M
#4	Minburn Technology Group, LLC	149	$279.5M
#5	Quantum Management, LLC	4	$169.3M

12-month aggregate, top 5 shown · Scope: PSC · DA10 · PrimeRFP SCOUT

Emerging Competitors (Rank 6–10)

Rank	Contractor	Awards	Total Obligation
#6	Dell Federal Systems L.P.	40	$161.0M
#7	Carahsoft Technology Corp.	163	$148.6M
#8	MetGreen Solutions Inc	17	$148.2M
#9	World Wide Technology, LLC	19	$146.2M
#10	Palantir USG Inc	41	$141.1M

Market Intelligence — Cybersecurity

●

$6.42B obligated across 5,928 contracts in the trailing 12 months under PSC DA10 — the strict cyber-services scope. VA ($1.74B) and DoD ($1.68B) lead; GSA, DHS, and USDA each obligate >$350M.

●

Award concentration is relatively low at the top — V3Gate ($358M), Deloitte ($347M), Accenture Federal ($281M), and Minburn ($280M) are close-ranked, and the top 10 awardees hold only ~34% of DA10 obligations. The balance flows to hundreds of cyber specialists.

●

Average award of $1.08M signals a task-order-heavy market. Palantir USG ($141M / 41 awards), Carahsoft ($149M / 163 awards), and World Wide Technology ($146M / 19 awards) reflect different acquisition patterns — direct mission services, reseller vehicles, and hardware-plus-services respectively.

●

DA10 is a subset of the OMB IT Category (see IT & Software page, $38.23B). The IT Category total includes DA10 plus DA01 and other IT PSCs; the two pages are different scopes of related data.

Frequently Asked Questions — Cybersecurity

How much federal cybersecurity contracting is there?

Under PSC DA10 (Cybersecurity and Information Assurance) — the strictest federal taxonomy for cyber services — obligations reached $6.42B across 5,928 contracts in the trailing 12 months (2025-04-29 → 2026-03-04). VA leads at $1.74B, followed by DoD at $1.68B. Source: PrimeRFP SCOUT · obligations only · ≥$100K · calendar-year basis.

Why is this number smaller than the IT figure?

The IT & Software page reports $38.23B under the full OMB IT Category, which includes DA10 cyber services plus DA01 (Other IT & Telecom Support), D399 (IT services not elsewhere classified), and many other D-series and 5xxx PSCs. This page intentionally uses only DA10 so it reports the strict cybersecurity services market — not IT broadly. The DA10 figure here is a subset of the IT Category number, not a separate measurement.

Why don't you use NAICS to measure cybersecurity?

No NAICS code isolates cybersecurity firms cleanly. NAICS 5415 (Computer Systems Design & Related Services) is the broadest IT-services classification and covers many firms that do no cyber work at all. The NAICS 5415 companion view on this page totals $52.97B — this is a firm-classification lens, not a cyber market measurement, and is shown only for transparency.

Data & Methodology

Federal contract and award data sourced from government procurement systems — including FPDS-NG, SAM.gov, and related federal data repositories. PrimeRFP SCOUT ingests, normalizes, and continuously updates records as agencies publish them. Reporting timelines vary by agency; some components (particularly DoD) carry a 60–90 day lag relative to award execution.

Dataset coverage — ≥ $100K floor

All intelligence on this page and within SCOUT is filtered to federal contract awards whose current total award value is $100K or more. PrimeRFP applies this floor at the award level (on current_total_value_award), not per-transaction, so large awards split across many mid-size obligation lines are retained in full. PrimeRFP's own empirical sampling against the raw USASpending dataset shows this threshold captures 98%+ of total federal contract dollars while excluding a long tail of micro-purchases, small modifications, and administrative actions — the trade-off that makes market intelligence tractable without distorting the dollar picture. Coverage: 560,000+ active contract awards and 2.5M+ unique awardees, including small-business set-asides, task orders, and mid-market opportunities.

Award identification: Each record is keyed by federal Award ID (PIID). Task orders recorded as independent awards appear as separate rows. IDIQs and their task orders are tracked distinctly.

Why SCOUT dollar figures differ from published annual totals: Per-agency dollar figures on SCOUT intelligence pages aggregate all USASpending transaction records — including base contract awards, task orders, delivery orders, and modifications to existing contracts. Annual federal contract obligation figures cited in industry reports (e.g., FY2025: $833.8B per Bloomberg Government) count only new prime award actions in the fiscal year, excluding mods. An IDIQ vehicle (like OASIS+) carries no obligation at award — only task orders issued against it are counted. SCOUT's transaction-level aggregates are larger because they capture the full activity picture across a contract's lifecycle, making them useful for competitive analysis and pipeline sizing rather than year-over-year spending comparison.

Ready to win Cybersecurity contracts?

PrimeRFP SCOUT shows every open cybersecurity solicitation, upcoming recompetes with incumbents, competitive positioning, teaming recommendations, and market intelligence — in one platform.

Start Free in SCOUT →