Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
DHS creating new contract for advanced cyber services
Wednesday - 12/14/2011, 3:13pm EST
DHS issued a request for information Nov. 23 and will hold an industry day Jan. 13 for a new situational awareness and incident response (SAIR) Tier III blanket purchase agreement.
The RFI includes both a request for comments on the capabilities needed for near-real time data on the health of agency networks and on the draft product performance requirements.
"The objective of SAIR Tier III is to provide U.S. government agencies the ability to assess, assure, monitor and measure the security posture of their information technology assets in a timely manner (i.e., near-real time.)," DHS wrote in the RFI on FedBizOpps.gov. "The government may use feedback that results from this RFI and industry day to further refine technical requirements to potentially establish qualified product list (QPL) for [commercial] products that can be utilized by federal, state and local governments for information security continuous monitoring."
DHS's National Cybersecurity Division would manage the QPL in terms of testing and evaluating vendor products to ensure proposed products meet any developed SAIR III minimum technical requirements. This product list also will be available for all agencies to use.
DHS wants vendors to comment on how five specific tools would be used to do continuous monitoring:
- Asset management tools to document, track, and discover both authorized and unauthorized IT assets.
- Configuration management tools to assess, monitor and report compliance of agency-specified security configuration settings and patches, as well as real-time altering of changes to approved baseline configurations for hardware, software, user access and security controls.
- Vulnerability management tools to discover, identify and locate known security vulnerabilities and software security weaknesses; and report the associated potential exposure risks using the Common Vulnerability Scoring System and the Common Weakness Scoring System.
- Malware detection tools to discover, isolate, characterize and report known malware for supporting agency's security incident response process.
- Situational awareness analysis and reporting tools to provide the ability to collect, associate, compile and report security posture metrics in terms of IT security governance and operational effectiveness.
The contract could be in place in time for agencies to meet the Office of Management and Budget's deadline to implement continuous monitoring by the end of fiscal 2012.
OMB wants agencies to send their data to the Cyberscope tool, which is run by DHS.
"The tools and services delivered through the SAIR Tier III project will provide federal agencies with the ability to enhance/automate their existing continuous network monitoring capabilities, correlate and analyze critical security-related information, and enhance risk-based decision making at the agency and federal enterprise level," the RFI stated. "Information obtained from the automated monitoring tools will eventually feed Cyberscope and allow for the correlation and analysis of security-related information across the federal enterprise."
This would be the second SAIR contract. DHS and the General Services Administration awarded five vendors a spot on the SAIR Tier I in July 2009 under the SmartBuy program. GSA estimates the contracts could be worth $20 million over five years. It also said agencies could save between 1 percent and 89 percent off the current GSA schedule contract prices based on volume discounts.