Defense Counterintelligence Security Agency Awards ICF Position on New $800 Million Digital Modernization BPA

Rhea-AI Impact

(Neutral)

Rhea-AI Sentiment

(Neutral)

Rhea-AI Summary

ICF (NASDAQ:ICFI) won a position on a new five-year multiple-award blanket purchase agreement (BPA) with a ceiling of $800 million across 12 awardees to provide software engineering for the Defense Counterintelligence and Security Agency's National Background Investigation Services (NBIS).

ICF is eligible to compete for task orders to deliver cloud-native design, zero trust architecture, open-source technologies, agile DevSecOps, AI, and automation. ICF holds CMMC Level 2 certification, supporting its federal cybersecurity capabilities.

AI-generated analysis. Not financial advice.

Positive

Position on $800M BPA for NBIS software engineering
CMMC Level 2 certification confirms federal cybersecurity readiness
Eligible for task orders to deliver cloud-native, zero trust, AI-enabled solutions

Negative

No guaranteed revenue; $800M ceiling is shared among 12 awardees
Work is task-order dependent, so timing and volume of revenue are uncertain

News Market Reaction – ICFI

-0.35%

1 alert

-0.35% News Effect

On the day this news was published, ICFI declined 0.35%, reflecting a mild negative market reaction.

Data tracked by StockTitan Argus on the day of publication.

Key Figures

BPA ceiling value: $800 million BPA term: 5 years Awardees on BPA: 12 awardees +5 more

8 metrics

BPA ceiling value $800 million Five-year DCSA NBIS digital modernization BPA across 12 awardees

BPA term 5 years Duration of DCSA NBIS software engineering BPA

Awardees on BPA 12 awardees Total companies sharing DCSA NBIS BPA eligibility

Q4 2025 revenue $443.7 million Fourth quarter 2025 results

2025 revenue $1.87 billion Full year 2025 results

2025 GAAP net income $91.6 million Full year 2025

2025 GAAP EPS $4.95 Full year 2025 earnings per share

Backlog $3.4 billion Backlog at end of 2025

Market Reality Check

Price: $68.84 Vol: Volume 256,861 vs 20-day ...

normal vol

$68.84 Last Close

Volume Volume 256,861 vs 20-day average 346,676 (relative volume 0.74x). normal

Technical Shares at 67.57, trading below 200-day MA of 85.88 and near 52-week low of 64.34 (high 101.705).

Peers on Argus

ICFI was modestly down 0.12% while peers showed mixed moves: DGNX down about 0.7...

1 Up 1 Down

ICFI was modestly down 0.12% while peers showed mixed moves: DGNX down about 0.78%, RGP up about 5.97%. Scanner data flags no coordinated sector move.

Historical Context

5 past events · Latest: Mar 26 (Neutral)

Pattern 5 events

Date	Event	Sentiment	Move	Catalyst
Mar 26	Earnings call timing	Neutral	-1.5%	Announced date and time for Q1 2026 earnings release and webcast.
Mar 05	Conference participation	Neutral	+1.4%	Participation in Canaccord Genuity virtual sustainability summit fireside chat.
Feb 26	Earnings results	Positive	+4.3%	Reported strong Q4 and 2025 results with revenue growth, guidance, and dividend.
Feb 23	State contract award	Positive	-0.6%	Florida management services contract enabling eligibility for statewide services.
Feb 19	Utility contract amendment	Positive	+0.3%	Southern California Edison amendment expanding ICF’s Agricultural Energy Efficiency role.

Pattern Detected

Positive, contract‑related news has sometimes produced only modest or even negative next‑day moves, while earnings with detailed guidance saw a stronger positive reaction.

Recent Company History

Recent news for ICFI has focused on contract wins, financial results, and investor communications. On Feb 19, 2026, a Southern California Edison energy‑efficiency contract amendment lifted the stock slightly. A Florida management services award on Feb 23 coincided with a small decline. The Feb 26, 2026 earnings release, highlighting $1.87 billion in 2025 revenue and solid guidance, drew a 4.28% gain. Subsequent items—conference participation and an earnings call timing notice—produced only modest moves. Today’s federal BPA award fits the pattern of incremental contract wins layered on top of a growing backlog.

Market Pulse Summary

This announcement highlights ICFI’s addition to a DCSA NBIS digital modernization BPA with a $800 mi...

Analysis

This announcement highlights ICFI’s addition to a DCSA NBIS digital modernization BPA with a $800 million ceiling across 12 awardees, reinforcing its positioning in federal cyber and cloud services. Set against 2025 revenue of $1.87 billion and a $3.4 billion backlog, the BPA expands potential pipeline rather than immediate revenue. Investors may track subsequent task-order wins, execution on 2026 guidance, and continued federal cybersecurity credentials such as CMMC Level 2 certification.

Key Terms

blanket purchase agreement, cloud-native, zero trust architecture, open-source technologies, +3 more

7 terms

blanket purchase agreement financial

"a new multiple-award blanket purchase agreement (BPA) for software engineering"

A blanket purchase agreement is a standing contract between a buyer and a supplier that sets prices, terms and maximum quantities for repeated purchases over a set period, so individual orders can be placed without renegotiating each time. For investors, it matters because such agreements can smooth and make future revenue or costs more predictable—like a subscription that guarantees steady business for a seller or stable pricing and supply for a buyer—reducing sales volatility and execution risk.

cloud-native technical

"strengthen the NBIS systems using cloud-native design, zero trust architecture"

Cloud-native describes a way of creating and running applications that are designed specifically to operate smoothly on cloud computing platforms. Think of it as building a house with flexible, lightweight materials that can be easily moved, scaled, or adjusted as needed, rather than using rigid, traditional construction. For investors, it signifies technology that is more adaptable, efficient, and capable of quickly responding to changing market demands.

zero trust architecture technical

"using cloud-native design, zero trust architecture, open-source technologies"

Zero trust architecture is a cybersecurity approach that assumes no user, device, or connection is automatically safe and requires continuous verification for every access request—like checking ID at every door rather than leaving some doors unlocked. For investors, it matters because companies that adopt zero trust reduce the chance of costly data breaches, operational disruption, and regulatory penalties, protecting revenue, reputation, and long‑term value.

open-source technologies technical

"zero trust architecture, open-source technologies, agile DevSecOps practices"

Software or hardware whose underlying design or source code is made publicly available so anyone can use, modify, and share it — like a recipe or building blueprint anyone can copy and improve. For investors it matters because open-source can speed innovation, lower development costs, and increase adoption by creating broad ecosystems, while also affecting business models, competitive advantage, and potential support or security responsibilities.

devsecops technical

"open-source technologies, agile DevSecOps practices, AI and enhanced automation"

DevSecOps is the practice of building security checks into the whole software creation and delivery process instead of treating security as a separate step at the end. For investors, it matters because products that find and fix vulnerabilities earlier tend to ship faster, cost less to maintain, and carry lower risk of damaging breaches or regulatory fines — much like installing quality and safety checks on a car while it’s being assembled rather than after it leaves the factory.

cybersecurity maturity model certification regulatory

"ICF is a Cybersecurity Maturity Model Certification (CMMC) Level 2 certified vendor"

A cybersecurity maturity model certification is a formal, graded assessment that shows how well an organization protects its digital systems and data, based on a set of defined practices and processes. For investors it matters because the certification signals lower breach and compliance risk—similar to a building passing a safety inspection—and can affect a company’s ability to win contracts, avoid fines, and preserve reputation, all of which influence future revenue and valuation.

cmmc level 2 regulatory

"Cybersecurity Maturity Model Certification (CMMC) Level 2 certified vendor"

CMMC Level 2 is a U.S. government cybersecurity certification that requires companies to adopt a set of documented practices and processes to protect sensitive but unclassified information; Level 2 is the intermediate step between basic cyber hygiene and the highest, most stringent controls. For investors, achieving Level 2 is a practical signal that a company can compete for certain government contracts, reduce the chance of costly data breaches, and demonstrate disciplined risk management—think of it as upgrading from a basic door lock to a keypad plus alarm system for corporate data.

AI-generated analysis. Not financial advice.

See more from StockTitan in Google Search and AI answers. Adds StockTitan as a preferred source · opens Google

Add on Google

04/08/2026 - 04:05 PM

Services Will Strengthen the Performance, Efficiency and Security of Mission-Critical Systems

RESTON, Va., April 8, 2026 /PRNewswire/ -- The Defense Counterintelligence and Security Agency (DCSA) recently awarded leading global solutions and technology provider ICF (NASDAQ:ICFI) a position on a new multiple-award blanket purchase agreement (BPA) for software engineering services to modernize the agency's National Background Investigation Services (NBIS) systems. The five-year BPA has a ceiling value of $800 million across all 12 awardees.

Under the BPA, ICF is eligible to compete for task orders to deliver the full lifecycle of services that strengthen the NBIS systems using cloud-native design, zero trust architecture, open-source technologies, agile DevSecOps practices, AI and enhanced automation.

"NBIS is essential to protecting national security by enabling the government to quickly vet and continuously assess their workforce," said David Birken, ICF senior vice president for digital modernization and experience. "We look forward to partnering with DCSA to create a modernized, scalable solution that improves the system's performance, scalability, security and user experience, and accelerates measurable agency outcomes."

As a trusted partner to government and a leader in technology solutions, ICF brings together deep industry expertise with leading-edge technologies and advanced analytics to help government and industry meet dynamic end-user requirements and stand up a modern enterprise. From strategy to execution, ICF supports public sector clients in reducing time-to-value, accelerating mission outcomes and transforming service delivery to help them achieve measurable results.

ICF is a Cybersecurity Maturity Model Certification (CMMC) Level 2 certified vendor, confirming its ability to meet stringent federal cybersecurity standards when supporting U.S. defense and civilian agency programs.

About ICF 
ICF is a leading global solutions and technology provider. At ICF, business analysts and policy specialists work together with digital strategists, data scientists and creatives. We combine unmatched industry expertise with cutting-edge engagement capabilities to help organizations solve their most complex challenges. Since 1969, public and private sector clients have worked with ICF to navigate change and shape the future. Learn more at icf.com.

Caution Concerning Forward-looking Statements
Statements that are not historical facts and involve known and unknown risks and uncertainties are "forward-looking statements" as defined in the Private Securities Litigation Reform Act of 1995. Such statements may concern our current expectations about our future results, plans, operations and prospects and involve certain risks, including those related to the government contracting industry generally; our particular business, including our dependence on contracts with U.S. federal government agencies; our ability to acquire and successfully integrate businesses; and various risks and uncertainties related to health epidemics, pandemics, and similar outbreaks. These and other factors that could cause our actual results to differ from those indicated in forward-looking statements that are included in the "Risk Factors" section of our securities filings with the Securities and Exchange Commission. The forward-looking statements included herein are only made as of the date hereof, and we specifically disclaim any obligation to update these statements in the future.

Contact: Lauren Dyke, lauren.dyke@ICF.com, +1.571.373.5577

View original content to download multimedia:https://www.prnewswire.com/news-releases/defense-counterintelligence-security-agency-awards-icf-position-on-new-800-million-digital-modernization-bpa-302737164.html

SOURCE ICF

FAQ

What did ICF announce about the DCSA NBIS BPA on April 8, 2026?

ICF said it secured a position on a five-year multiple-award BPA with an $800 million ceiling across 12 awardees. According to the company, ICF is eligible to compete for task orders to modernize NBIS using cloud-native, zero trust, AI, and DevSecOps practices.

How material is the $800 million DCSA BPA for ICF (NASDAQ:ICFI)?

The BPA ceiling is $800 million but is shared across 12 awardees, so direct revenue is not guaranteed. According to the company, ICF must win individual task orders before revenue is realized, making impact dependent on future awards and timing.

What technical capabilities will ICF provide under the DCSA NBIS BPA?

ICF will offer cloud-native architecture, zero trust design, open-source technologies, agile DevSecOps, AI, and enhanced automation. According to the company, these capabilities aim to improve NBIS performance, scalability, security, and user experience.

Does ICF have the cybersecurity credentials to support DCSA work under the BPA?

Yes. ICF is CMMC Level 2 certified, indicating it meets federal cybersecurity standards for defense and civilian agency programs. According to the company, this certification supports compliant handling of sensitive government workloads.

What does ICF being "eligible to compete for task orders" mean for investors in ICF?

It means ICF can bid on specific contracts under the BPA but will only earn revenue if awarded task orders. According to the company, eligibility expands opportunity but does not guarantee future contracts or revenue timing.