Commerce to run cybersecurity lab in the cloud

This story has been updated.

The federal government and the state of Maryland plan to jointly operate a new cybersecurity laboratory in the cloud and demonstrate the lab's successful findings through social media and mobile apps, according to the Commerce Department.

The National Cybersecurity Center of Excellence is expected to be physically located in Montgomery County, Md., near the National Institute of Standards and Technology's Gaithersburg headquarters, but it will rely on hardware and software based at remote computer centers in the cloud. The facility will be a place where NIST scientists, industry developers and academic researchers can come together and test security applications for workplace and personal computers, government officials announced in February.

The center, funded at $10 million for 2012, doesn't have a building yet, but Commerce already is looking for a contractor to network the location during a three-year period, according to a March 27 market survey for interested vendors. The goal of the public-private venture is to experiment with various tools and techniques -- use cases -- so department officials want to rent hardware and software as they need it, instead of purchasing products they will use only temporarily.

"Since use-case builds will be nonpermanent, the support contractor shall research and recommend cloud service providers and services" that can support multiple, ongoing demos, the survey stated.

The chosen contractor will provide on-site networking and advise the government on which cloud services to purchase.

Lab participants will use social media to keep U.S. computer and smartphone users apprised of effective products, such as, for example, software and strategies for isolating work data from personal data on iPads. This public outreach will be conducted through a blog, wiki and news feeds, according to draft work requirements. On Friday, NIST spokeswoman Jennifer Huergo said the messages and apps may also deliver the actual cybersecurity products.

Contractors will have to simultaneously copy or "port and mirror" all the interactive tools to an off-site cloud that uses the same underlying technology and security capabilities, the document stated. Huergo said the purpose of maintaining the multimedia internally as well as in the cloud is to back up the data, as well as ensure the content is accessible to multiple audiences and aligns with the Obama administration's cloud adoption strategy.

The information technology backbone for the physical lab will include switches, routers, security and desktops, according to officials. This in-house IT also must support center personnel who are using mobile devices and telework stations. The government will hire about 20 permanent employees for the center, as well as guest engineers.

Commerce was still determining where to situate the lab at the time the work requirements were written. The start date for the project depends on availability of office space, the notice stated.