Booz Allen [BAH] has won a $621 million task order from the Department of Homeland Security (DHS), the first award under a new effort that involves replacing existing cyber security tools that are part of an ongoing federal cyber security program and providing new cyber protection capabilities.

Under the six-year task order, which was awarded under the Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program, Booz Allen says it will work to reduce the threat surface of the federal government. The company, along with number of other contractors, has been providing cyber security products and services to the federal government since 2015 under the CDM program.

The new award, which is the largest ever under the CDM program, expands the company’s cyber security work for DHS.

“Our work will expand into new areas of cyber security, like incident response and automation,” says Marcie Nagel, a principal with Booz Allen and leader of the company’s CDM work. “This work aims to help these federal departments and agencies leverage new capabilities that will ultimately empower our clients to defend their networks faster with more flexibility and greater visibility into the network itself.”

Sheila Kahyaoglu, a defense and security analyst with Jefferies, says in a note following Booz Allen’s third quarter earnings call on Feb. 5, that the DHS award demonstrates the company’s “cyber security capability and increases the value of work already being done through the agency by a factor of 2.5” times.

The CDM DEFEND is a new acquisition vehicle that replaces the existing CDM Tools and Continuous Monitoring as a Service blanket purchase agreements that will in March. Awards planned under DEFEND are worth up to $3.4 billion through six separate task orders, according to a slide presentation by DHS last May at an Industry Day to discuss DEFEND.

Booz Allen says that DEFEND expands CDM to include security for cloud and mobile devices, automated capabilities for incident response and system compliance, enhanced protection of data at rest and in transit, and improved user management.

The CDM program is aimed at helping federal agencies acquire software tools to help them gain greater visibility about their information technology networks and to protect what’s on those networks. The program is currently divided into three phases and so far task orders have been awarded for two of the phases.

The DEFEND program applies to all three CDM phases and potential additional phases. According to the DHS slides, five of the DEFEND task orders are slated to be awarded by the beginning of the third quarter of FY ’18 and the sixth by mid-fiscal year 2019. A DHS spokesman tells HSR that the award to Booz Allen was made on Dec. 12.

The DEFEND task orders implement Phase three of the CDM program  and are focused on ongoing assessment and authorization, standardizing and optimizing for incident response, cloud and mobile security, boundary protection, event management, and addressing any gaps from the first two phases of the program, the spokesman says. DHS is considering a fourth phase for CDM, which the DEFEND vehicle would also apply to, he says.

DHS says the acquisition approach it is using with DEFEND provides more flexibility to federal agencies and gives them access to a broader range of services.

Separately, Booz Allen in late January says it received a potential $91.5 million contract from the Defense Department’s Missile Defense Agency to provide cyber security support. The contract was awarded last August.

The company says it will provide advisory and assistance services to MDA.

“Our new cyber security approaches, like automating incident response, advancing challenging weapon system cyber security, and incorporating advanced data science techniques are all key to cyber resilience and mission effectiveness,” says Robert Smith, senior vice president at Booz Allen.