Wednesday · July 26, 2017

DHS S&T Awards $70M OTA to Cyber Apex Solutions — Largest Single DHS R&D Award Creates Opaque Consortium Vehicle for Critical Infrastructure Cybersecurity

confirmed Importance 8/10 ~5 min read 5 sources 4 actors

Opening Paragraph

On July 26, 2017, DHS Science and Technology Directorate awarded Cyber Apex Solutions, LLC (Arlington, VA) a five-year Other Transaction Agreement (OTA) worth up to $70 million to manage a consortium of cybersecurity researchers, companies, and academics under the Next Generation Cyber Infrastructure (NGCI) Apex program. The award (HSHQDC17900002), issued under solicitation DHSST-LRBAA14-02, is the largest single contract in the 2004–2025 DHS S&T SBIR/LRBAA dataset — nearly $11M larger than the next-largest (SAIC’s $59.2M DEBIASE biometric program). The program targeted cybersecurity vulnerability gaps in the financial services sector, with planned expansion to government, energy, and communications critical infrastructure.

What Happened / Key Facts

Per Washington Technology’s July 27, 2017 reporting, DHS S&T awarded Cyber Apex Solutions the OTA under the Long Range Broad Agency Announcement (LRBAA) vehicle rather than a standard FAR contract. The OTA instrument was chosen specifically to enable use of “non-traditional government contractors” and to reduce the competitive-solicitation and reporting requirements that would apply to a standard procurement.

Cyber Apex Solutions is a consortium management LLC, not a technology company. Its role under the award is to:

  • Build and manage a pool of subcontracted cybersecurity researchers, companies, and academics
  • Receive capability-gap definitions from the Cyber Apex Review Team (CART) — a body of financial-institution CISOs, Treasury representatives, and DHS S&T officials
  • Solicit proposals from consortium members and manage prototyping, piloting, and deployment phases with DHS S&T joint oversight

The five focus areas for the financial sector phase: dynamic network defense, network characterization, malware detection, software assurance, and insider threat detection. The program design contemplated expansion to government, energy, and communications sectors in subsequent phases, none of which appear to have been executed under this OTA.

CART grew from 6 initial financial institution members to reportedly 31+ institutions by the program’s mid-point, per DHS S&T’s August 2018 progress release. DHS does not disclose CART member names. MITRE HSSEDI (a DHS-S&T FFRDC) provided parallel technical threat modeling through a separate government channel — not as a Cyber Apex subcontractor.

The DDoSecrets DHS dataset records the award amount as $70,000,000 with a currentObligationAmount of $0 — a discrepancy that may reflect phased drawdown reporting conventions for OTA ceiling vehicles, or may indicate limited actual obligation; FOIA is required to resolve it. Most recent award on HigherGov is September 27, 2019, suggesting active subcontracting continued at least through year two of the five-year period.

Why This Event Matters

The Cyber Apex Solutions award is the paradigm case of the OTA accountability gap applied at critical-infrastructure scale. The structural opacity is not incidental — it is designed into the OTA instrument:

  • Consortium membership lists are not publicly disclosed
  • Individual sub-award amounts are not required to appear in FPDS under OTA rules in effect during 2017–2022
  • No GAO bid protest is available for OTA awards
  • No public deliverables report, after-action review, or technology-transition summary has been published despite the program concluding in March 2022

A 2022 GAO report (GAO-22-105357) found that DOD — which uses OTAs at much larger scale — had not systematically tracked which consortia received OTA funding. A 2025 GAO follow-up (GAO-25-107546) found that even after post-2022 FPDS reforms, consortium management organizations (rather than the actual performing awardees) remained listed as the vendor in approximately 16% of consortium OTA records. The Cyber Apex OTA predates these reforms and would not have been subject to them during its active period.

The result: a $70M federal program for protecting the financial sector’s critical infrastructure ran for five years through a single-operator LLC with no public record of who performed the work, at what cost, or with what results. This is the largest single instance of the OTA accountability gap in the DHS S&T R&D dataset.

Broader Context

The Cyber Apex award sits within Presidential Policy Directive 21 (PPD-21, February 2013), which designated 16 critical infrastructure sectors and directed enhanced cybersecurity. The financial services sector was the highest-priority sector given documented nation-state targeting of banking systems. NGCI Apex was designed to address that gap through a public-private R&D consortium — a structurally reasonable approach to a genuine security problem.

The accountability problem is not that DHS chose to address financial-sector cybersecurity vulnerabilities; it is that the procurement vehicle chosen (OTA consortium) made it impossible to determine whether public money was effectively spent. As the program manager Eric Harder described it, Cyber Apex was to act as “a clearinghouse for cyber technologies” — but with no public accounting of what the clearinghouse cleared, or to whom.

The NGCI Apex program pages are now archived on dhs.gov. No public successor program has been announced. The five focus-area prototype capabilities remain undocumented as to operational deployment status.

Research Gaps

  • Consortium member list — who received subcontracts under OTA HSHQDC17900002 (FOIA DHS S&T contracting records)
  • Actual obligation amount against $70M ceiling (FOIA DHS S&T)
  • Whether The Soter Group (parent awardee, same owner Justin Taft) received subcontract work — potential related-party transaction
  • Whether NexiTech’s $194K FSCSAD contract flowed through Cyber Apex or directly via DHS SVIP OTA
  • CART member identities — DHS explicitly withholds (FOIA CART meeting minutes)
  • Technology transition outcomes — prototype-to-deployment status for five focus areas
  • Program successor post-March 2022
  • cyber-apex-solutions
  • dhs-sbir-as-surveillance-rd-incubation-pipeline
  • mitre-corporation — needs entry
  • ota-opacity-and-commercial-solutions-opening — needs entry
  • capability-preservation-through-privatization
  • epic-surveillance-inc-privatized-surveillance-industrial-complex-2003-2026

Sources & Citations

[1] DHS S&T News Release: DHS S&T Selects Cyber Apex Solutions for Cyber Research — DHS S&T · Jul 26, 2017 Tier 1
[2] DHS picks Cyber Apex Solutions for critical infrastructure cyber research agreement — Washington Technology · Jul 27, 2017 Tier 2
[3] DHS taps Cyber Apex Solutions for applied cybersecurity research — Intelligence Community News · Jul 1, 2017 Tier 2
[4] Cyber Apex Solutions Gets $70M DHS Contract for Cyber Defense Prototype Applied Research — GovCon Wire · Jul 27, 2017 Tier 2
[5] DDoSecrets DHS Contracts Dataset — award record HSHQDC17900002 — Distributed Denial of Secrets · Mar 1, 2023 Tier 1
Tiers Tier 1 court records & gov docs · Tier 2 established outlets · Tier 3 regional & specialty press · Tier 4 opinion or single-source. Methodology →
Cite this entry
The Cascade Ledger. “DHS S&T Awards $70M OTA to Cyber Apex Solutions — Largest Single DHS R&D Award Creates Opaque Consortium Vehicle for Critical Infrastructure Cybersecurity.” The Capture Cascade Timeline, July 26, 2017. https://capturecascade.org/event/2017-07-26--cyber-apex-solutions-70m-ota-ngci-apex-dhs-financial-sector-critical-infrastructure/