CBP ramps up surveillance tech without much-needed IT personnel, GAO says
A GAO report reveals that CBP has significantly increased surveillance technology deployments along the northern border while facing critical IT personnel shortages, with staffing rates below target for five years. DHS has agreed to develop recruitment and retention strategies for Law Enforcement In
Cabrillo Club
Editorial Team · February 16, 2026
Also in this intelligence package
Action Kit: CBP Surveillance Tech Expansion & IT Personnel Shortage
Immediate Actions (This Week)
- [ ] Review current capability statements for IT support services, managed services, and workforce augmentation to ensure alignment with CBP surveillance technology requirements
- [ ] Audit team credentials for Law Enforcement Information Systems Specialist (LEISS) equivalents and border security IT experience; identify gaps in certifications (CISSP, Security+, CISA)
- [ ] Check contract vehicle registrations on OASIS+, GSA IT Schedule 70, Alliant 2, CIO-SP4, and DHS EAGLE II; verify NAICS codes 541512, 541513, 541519, 561320 are active
- [ ] Monitor SAM.gov for CBP IT support and managed services solicitations using keywords: "surveillance technology," "IT personnel augmentation," "northern border," "LEISS"
- [ ] Assess compliance posture against DHS 4300A, NIST 800-171, FISMA, and HSPD-12 requirements for border security systems
Short-Term Actions (30 Days)
- [ ] Develop targeted teaming strategy with firms holding CBP past performance, particularly those with surveillance technology integration experience (NAICS 334290, 517919)
- [ ] Create specialized capability brief addressing CBP's dual challenge: surveillance tech operations AND IT workforce shortages; emphasize rapid deployment models and knowledge transfer
- [ ] Initiate recruitment pipeline for cleared IT personnel with border security experience; establish relationships with veteran transition programs and DHS-cleared talent pools
- [ ] Conduct competitive intelligence on incumbent CBP IT support contractors; analyze FPDS-NG awards for surveillance technology and managed services at northern border locations
- [ ] Prepare FedRAMP compliance roadmap for any cloud-based managed services offerings that may support CBP surveillance infrastructure
- [ ] Schedule outreach with CBP Office of Information and Technology (OIT) and Border Patrol technology program offices to understand upcoming requirements
- [ ] Update past performance narratives to highlight IT workforce augmentation, 24/7 NOC operations, and surveillance system support; quantify retention rates and time-to-fill metrics
Long-Term Actions (90+ Days)
- [ ] Build strategic partnership with surveillance technology OEMs (radar, sensor, camera systems) to position as integrated IT support provider for CBP deployments
- [ ] Develop proprietary training program for Law Enforcement Information Systems Specialists focused on CBP-specific surveillance platforms; create certification pathway
- [ ] Establish northern border presence through satellite offices or partnerships in key locations (Montana, North Dakota, Minnesota, Michigan, New York, Vermont) to support on-site IT requirements
- [ ] Create retention incentive program specifically designed for cleared IT personnel supporting law enforcement missions; address GAO-identified retention challenges
- [ ] Pursue CBP-specific contract vehicles and IDIQ positions that will emerge from DHS recruitment/retention strategy implementation
- [ ] Invest in CMMC 2.0 preparation (anticipated requirement for defense-adjacent border security work) and maintain FedRAMP authorization for cloud services
- [ ] Develop thought leadership content on solving IT workforce challenges in law enforcement technology environments; position for advisory roles in CBP workforce planning
Compliance Checklist
This event signals upcoming solicitations that will require the following compliance surfaces:
DHS 4300A (Sensitive Systems Policy Directive)
- [ ] Implement DHS-mandated security controls for sensitive but unclassified systems
- [ ] Establish security authorization processes aligned with DHS 4300A requirements
- [ ] Document system security plans (SSPs) for surveillance technology support systems
- [ ] Maintain continuous monitoring and incident response capabilities per DHS standards
NIST 800-171 (Protecting CUI)
- [ ] Implement all 110 security controls for systems processing Controlled Unclassified Information
- [ ] Document System Security Plan (SSP) with NIST 800-171 control implementation details
- [ ] Conduct annual self-assessments and maintain Plans of Action & Milestones (POA&Ms)
- [ ] Ensure subcontractors and teaming partners flow down NIST 800-171 requirements
FISMA (Federal Information Security Management Act)
- [ ] Categorize information systems using FIPS 199 standards (likely MODERATE impact level)
- [ ] Implement NIST 800-53 security controls appropriate to system categorization
- [ ] Conduct annual security assessments and authorization (A&A) processes
- [ ] Report security incidents to US-CERT within required timeframes
HSPD-12 (Personal Identity Verification)
- [ ] Ensure all personnel supporting CBP systems obtain PIV credentials
- [ ] Implement PIV-enabled logical access controls for surveillance technology systems
- [ ] Maintain personnel security clearance eligibility (likely Public Trust or Secret)
- [ ] Document background investigation completion for all personnel
FedRAMP (Cloud Security Authorization)
- [ ] Obtain FedRAMP authorization at appropriate impact level (Moderate or High) if offering cloud-based managed services
- [ ] Maintain continuous monitoring and monthly POA&M updates
- [ ] Use FedRAMP-authorized cloud service providers for any infrastructure components
- [ ] Document cloud security architecture and data flow diagrams
Additional Border Security Requirements
- [ ] Verify personnel can pass CBP background investigations and maintain facility access
- [ ] Ensure IT personnel understand law enforcement sensitive (LES) information handling
- [ ] Implement physical security controls for equipment supporting border surveillance
- [ ] Maintain operational security (OPSEC) protocols for surveillance technology configurations
Resources
Primary Source Documents
- GAO Report: CBP Northern Border Surveillance Technology (https://www.gao.gov/products) — Search GAO.gov for the full report on CBP surveillance technology and IT personnel shortages
- DHS 4300A Sensitive Systems Policy (https://www.dhs.gov/publication/dhs-4300a-sensitive-systems-policy-directive) — DHS security requirements for sensitive systems
- NIST 800-171 Rev 2 (https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) — Protecting Controlled Unclassified Information in nonfederal systems
Agency Guidance
- CBP Office of Information and Technology (https://www.cbp.gov/about/leadership-organization/office-information-technology) — Primary technology office for CBP
- DHS Acquisition Directives (https://www.dhs.gov/acquisition-directives-guidebooks) — Acquisition policy and procedures
- FISMA Implementation Project (https://csrc.nist.gov/projects/risk-management/fisma-background) — NIST guidance on FISMA compliance
Contract Vehicle Information
- OASIS+ Information (https://www.gsa.gov/buy-through-us/products-and-services/professional-services/oasis-plus) — Unrestricted and small business pools
- GSA IT Schedule 70 (https://www.gsa.gov/buy-through-us/purchasing-programs/gsa-schedules/gsa-schedule-offerings/mas-information-technology) — IT products, services, and solutions
- Alliant 2 GWAC (https://www.gsa.gov/buy-through-us/products-and-services/technology-products-and-services/it-services/alliant-2) — IT solutions GWAC
- CIO-SP4 (https://nitaac.nih.gov/services/cio-sp4) — NIH IT services vehicle (cross-agency)
- DHS EAGLE II (https://www.dhs.gov/eagle) — DHS enterprise acquisition gateway for leading-edge solutions
Market Intelligence
- SAM.gov Contract Opportunities (https://sam.gov/content/opportunities) — Active federal solicitations
- FPDS-NG (https://www.fpds.gov) — Federal procurement data system for competitive intelligence
- USASpending.gov (https://www.usaspending.gov) — Federal spending transparency
How Cabrillo Club Automates This
Cabrillo Signals War Room has already detected this GAO report within minutes of publication and delivered this briefing to your dashboard. The War Room continuously monitors GAO reports, DHS policy updates, CBP technology initiatives, and congressional oversight activities so you never miss developments that signal upcoming opportunities. For this event, War Room identified the IT personnel shortage as a critical market signal and automatically tagged the relevant NAICS codes, contract vehicles, and compliance surfaces that will appear in future solicitations.
Cabrillo Signals Match Engine is automatically rescoring opportunities in your pipeline that involve CBP, border security, surveillance technology, or IT workforce augmentation. Any active pursuits tagged with NAICS 541512 (Computer Systems Design), 541513 (Computer Facilities Management), or 561320 (Temporary Help Services) are being re-evaluated against this new intelligence. The Match Engine increases relevance scores for opportunities that align with CBP's stated need for Law Enforcement Information Systems Specialists and decreases scores for pursuits that don't address the workforce shortage angle—helping you prioritize where this event creates competitive advantage.
Cabrillo Signals Intelligence Hub allows you to configure saved searches that will alert you when CBP posts solicitations matching this event's profile. Set up alerts for: (1) CBP solicitations containing "surveillance technology" + "IT support" keywords, (2) DHS EAGLE II task orders in NAICS 541512/541513, (3) GSA IT Schedule 70 RFQs from CBP Office of Information and Technology, and (4) any procurement mentioning "Law Enforcement Information Systems Specialist" or "LEISS." The Intelligence Hub tracks these patterns across SAM.gov, agency forecast systems, and procurement vehicles so you're notified the moment relevant opportunities appear.
Proposal Studio (Proposal OS) helps you respond to the CBP IT support solicitations that will emerge from this workforce shortage. When you're building proposals for surveillance technology support or managed services, Proposal OS pulls your past performance on similar DHS contracts, generates compliance matrices for DHS 4300A and NIST 800-171 requirements, and suggests win themes around workforce retention and rapid deployment. The AI understands that this GAO report creates an opportunity to differentiate on recruitment/retention strategies, so it will recommend emphasizing your personnel pipeline, clearance sponsorship programs, and knowledge transfer methodologies in your technical approach.
Proposal Studio Workflow Tracker triggers capture workflows when CBP opportunities matching this profile appear. The 9-gate process automatically routes compliance reviews to your security team for DHS 4300A and HSPD-12 verification, prompts your HR team to document cleared IT personnel availability, and generates teaming partner checklists for surveillance technology OEMs. When you reach the proposal development gate, Workflow Tracker ensures your compliance matrices address all five security frameworks (DHS 4300A, NIST 800-171, FISMA, HSPD-12, FedRAMP) and creates audit-ready documentation showing how your solution addresses both the technology operations AND workforce shortage challenges.
Ready to act on this intelligence? Log into your Cabrillo Club dashboard to see which opportunities in your pipeline have been rescored based on this CBP development, configure your saved searches in the Intelligence Hub, and review the automated compliance checklists Workflow Tracker has prepared for upcoming CBP IT support pursuits.
---
How ready are you for CMMC?
Take our free readiness assessment. 10 questions, instant results, no email required until you want your report.
Check Your CMMC ReadinessCabrillo Club
Editorial Team
Cabrillo Club helps government contractors win more contracts with AI-powered proposal automation and compliance solutions.