recommended reading

DHS to pick up $6 billion tab for cyber surveillance systems at every department

Blazej Lyjak/Shutterstock

The Homeland Security Department is footing a potentially $6 billion bill to provide civilian agencies with the technology and expertise needed for near real-time threat detection, DHS officials said this week. The White House has demanded so-called continuous monitoring since 2010, but many agencies did not have the resources or know-how to initiate such surveillance.

Under the new five-year project, DHS, which is responsible for protecting civilian networks, will shoulder the financial burden to finish activating continuous monitoring governmentwide. More than 62 percent of the federal government, or 15 out of 24 major civilian agencies, do not have mature surveillance programs, according to internal watchdogs

The new initiative, called continuous monitoring as a service, or CMaaS, will bundle sensors, risk-status displays and professional consulting services for agencies, according to a vendor solicitation released late last month.

Homeland Security plans to split the job among at least five teams, each comprising multiple companies supplying an array of technologies and experts. Military, state and local agencies will be urged to purchase services from the same contract packages to protect dot-mil and municipal government computer systems, but Homeland Security will not cover those costs.

“DHS is responsible for securing unclassified networks for federal executive branch civilian departments and agencies” on the dot-gov domain, Homeland Security spokesman SY Lee said.

Some information technology vendors expect, in the future, similar services will be offered to electricity providers, hospitals and other critical service companies for their private networks, though that is outside the scope of the current initiative.

Executives at prospective contractor Booz Allen Hamilton said their bid for the task will highlight the Virginia-based consulting firm’s own internal continuous monitoring system. “We’re definitely eating our own dog food on continuous monitoring,” said George Schu, a senior vice president who handles the company’s federal cyber business. “I think this is a defining moment for the nation, and the government has an important role.”

Continuous monitoring is intended to quantitatively track computer security protections, detect abnormal network activity, and then illustrate all this data on a central, easy-to-read computer screen, federal officials say. Agency personnel are in charge of interpreting the statistics on those “dashboards” to spot vulnerabilities and fix the most detrimental ones first, Lee said.

Each competitive proposal must include all three CMaaS components: human services, tools and dashboards.

Industry players are creating diverse teams because of the breadth of skills required, Booz Allen officials said. Agencies will be able to select from 15 types of tools, such as applications that identify unauthorized software and users on a system, as well as professional consulting services to operate the tools, the contracting document states.

This week, Homeland Security officials said they anticipate awarding the contracts before October 2013.

Ahead of imminent budget cuts, DHS secured $218 million for continuous monitoring and intrusion detection programs from a continuing resolution that funds the government through March 27.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.