Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
DHS creating new contract for advanced cyber services
Wednesday - 12/14/2011, 3:13pm EST
DHS issued a request for information Nov. 23 and will hold an industry day Jan. 13 for a new situational awareness and incident response (SAIR) Tier III blanket purchase agreement.
The RFI includes both a request for comments on the capabilities needed for near-real time data on the health of agency networks and on the draft product performance requirements.
"The objective of SAIR Tier III is to provide U.S. government agencies the ability to assess, assure, monitor and measure the security posture of their information technology assets in a timely manner (i.e., near-real time.)," DHS wrote in the RFI on FedBizOpps.gov. "The government may use feedback that results from this RFI and industry day to further refine technical requirements to potentially establish qualified product list (QPL) for [commercial] products that can be utilized by federal, state and local governments for information security continuous monitoring."
DHS's National Cybersecurity Division would manage the QPL in terms of testing and evaluating vendor products to ensure proposed products meet any developed SAIR III minimum technical requirements. This product list also will be available for all agencies to use.
DHS wants vendors to comment on how five specific tools would be used to do continuous monitoring:
- Asset management tools to document, track, and discover both authorized and unauthorized IT assets.
- Configuration management tools to assess, monitor and report compliance of agency-specified security configuration settings and patches, as well as real-time altering of changes to approved baseline configurations for hardware, software, user access and security controls.
- Vulnerability management tools to discover, identify and locate known security vulnerabilities and software security weaknesses; and report the associated potential exposure risks using the Common Vulnerability Scoring System and the Common Weakness Scoring System.
- Malware detection tools to discover, isolate, characterize and report known malware for supporting agency's security incident response process.
- Situational awareness analysis and reporting tools to provide the ability to collect, associate, compile and report security posture metrics in terms of IT security governance and operational effectiveness.
The contract could be in place in time for agencies to meet the Office of Management and Budget's deadline to implement continuous monitoring by the end of fiscal 2012.
OMB wants agencies to send their data to the Cyberscope tool, which is run by DHS.
"The tools and services delivered through the SAIR Tier III project will provide federal agencies with the ability to enhance/automate their existing continuous network monitoring capabilities, correlate and analyze critical security-related information, and enhance risk-based decision making at the agency and federal enterprise level," the RFI stated. "Information obtained from the automated monitoring tools will eventually feed Cyberscope and allow for the correlation and analysis of security-related information across the federal enterprise."
This would be the second SAIR contract. DHS and the General Services Administration awarded five vendors a spot on the SAIR Tier I in July 2009 under the SmartBuy program. GSA estimates the contracts could be worth $20 million over five years. It also said agencies could save between 1 percent and 89 percent off the current GSA schedule contract prices based on volume discounts.