VA seeks cyber operations help

Alastair Pike/AFP via Getty Images

The Department of Veterans Affairs is looking for capabilities ranging from cyber incident response and cloud threat detection to insider threat analysis to support its security operations center in a new market research request.

The Department of Veterans Affairs is prepping for a potential five-year cybersecurity contract to support its in-house enterprise security operations centers and wants industry information about market possibilities.

VA officials outlined its wish list in a May 11 sources sought notice, calling for a range of capabilities that could be deployed at its department facilities in Martinsburg, West Virginia; Hines, Illinois; and other potential remote and VA locations to support cybersecurity across the enterprise.

“VA computer networks encounter over 45 million weekly security related events and have over 500,000 workstations, 350,000 users, 500 network security appliances and 25,000 servers,” the notice’s performance work statement said. “Success in achieving effective enterprise network defense capabilities at VA involves the ability to leverage Intelligence collected, the Information Security Continuous Monitoring capabilities deployed across the enterprise, and Advanced Persistent Threat hunting abilities of security experts.”

To assist in those efforts, the VA CSOC Next Generation II contract seeks vulnerability scanning services, cybersecurity threat intelligence, incident response, forensics and malware analytics, advanced cyber hunt and threat analysis, insider threat analysis, cybersecurity orchestration automation response support and other offerings. 

VA is also interested in support for "authority to operate" decisions required to bring new systems online. The contractor's role includes coordinating support requests, maintaining documentation on approved systems and developing plans to address vulnerabilities. 

Vendors have until June 2 to respond to the sources sought notice.