NATO Business Opportunity: Secure Cloud Service (SCS)

Quick Summary

NATO Allied Command Transformation (ACT) intends to issue a Request for Proposal (RFP) for a Secure Cloud Service (SCS). This opportunity seeks to establish a pre-accreditation validation environment for iterative security testing, architecture refinement, and the generation of auditable evidence aligned with NATO Security Policy and NIST SP 800-53 Rev.5. The SCS will also deliver initial operational cloud capabilities to priority Communities of Interest (COIs), with two prototypes addressing different technologies.

This is a Special Notice and does not constitute a commitment to award, as the procurement is pending funding and approvals.

Opportunity Overview

The SCS aims to de-risk and accelerate cloud deployment, advancing NATO's data-centric operations, AI-enabled decision superiority, and multi-domain operational integration. It will provide a secure, off-premises cloud infrastructure capable of handling information up to NATO Secret.

Key Requirements & Deliverables

The contract will involve:

• Development and validation of two cloud architectures: a Physical Air-Gap Cloud and a Hybrid Secure Cloud.
• Demonstration and validation of a federated, distributed, zero-trust-aligned cloud architecture across at least four sites in three NATO countries.
• Generation of accreditation artifacts and audit-ready evidence.
• Establishment of a secure direct connection between user headquarters and the Cloud Service Provider (CSP).
• Migration and validation of up to four priority COI application workflows.
• Delivery of a Confidentiality, Integrity, and Availability (CIA) cloud environment.
• Provision of a migration sandbox for additional COIs.

Contract Details

• Contract Type: Fixed-price contract.
• Period of Performance: A base period (estimated July 15, 2026 - July 15, 2027) and one option period (July 15, 2027 - July 15, 2028) per Lot.
• Estimated Value: Approximately EUR 20,000,000 total (inclusive of options) for two Lots, estimated at EUR 5,000,000 per lot per year.
• The RFP, referenced as RFP-ACT-SACT-26-54, will contain two lots: Lot #1 (Physical Air-Gap Cloud) and Lot #2 (Hybrid Secure Cloud).

Eligibility & Participation

Participation is restricted to vendors from NATO member nations. U.S. prime contractors must:

1. Maintain a professionally active facility within the United States.
2. Be approved for participation in NATO Competitive Procurement (NCP).
3. Hold a Facility Security Clearance at the level of SECRET or higher.
4. Be issued a Declaration of Eligibility (DOE) by the U.S. Government. Vendors (partners and subcontractors) must hold a NATO or National Facility Security Clearance, and the proposed team must hold NATO or National SECRET clearance at the time of proposal submission. Vendors must demonstrate financial, technical, and professional capacity, including experience with Zero Trust architectures, Confidential Computing, Cross-Domain Solutions, and dedicated private cloud connectivity.

Becoming Eligible to Bid (U.S. Firms)

The U.S. Government, through the Department of Commerce (DOC), approves NCP applications and issues DOEs. U.S. firms must submit a one-time NCP application (facility-by-facility) with a company resume and financial documents. The application can be downloaded from: https://www.bis.gov/about-bis/bis-leadership-and-offices/SIES/business-opportunities-nato.

Important Dates

• U.S. firms request DOE / submit NCP application: May 13, 2026
• Declarations of Eligibility (DOE) due to NATO: May 18, 2026, 0900 EST (send to hqsact.contracting@nato.int)
• HQ SACT issues RFP (planned): May 18, 2026
• Bid closing (planned): June 22, 2026
• Contract award (anticipated): July 15, 2026

Contact Information

For U.S. NCP applications and DOE requests, contact Lee Ann Carpenter at LeeAnn.Carpenter@bis.doc.gov.