DHS to pick up $6 billion tab for cyber surveillance systems at every department

Blazej Lyjak/Shutterstock

Homeland Security strives to roll out real-time threat detection programs for lagging agencies.

The Homeland Security Department is footing a potentially $6 billion bill to provide civilian agencies with the technology and expertise needed for near real-time threat detection, DHS officials said this week. The White House has demanded so-called continuous monitoring since 2010, but many agencies did not have the resources or know-how to initiate such surveillance.

Under the new five-year project, DHS, which is responsible for protecting civilian networks, will shoulder the financial burden to finish activating continuous monitoring governmentwide. More than 62 percent of the federal government, or 15 out of 24 major civilian agencies, do not have mature surveillance programs, according to internal watchdogs

The new initiative, called continuous monitoring as a service, or CMaaS, will bundle sensors, risk-status displays and professional consulting services for agencies, according to a vendor solicitation released late last month.

Homeland Security plans to split the job among at least five teams, each comprising multiple companies supplying an array of technologies and experts. Military, state and local agencies will be urged to purchase services from the same contract packages to protect dot-mil and municipal government computer systems, but Homeland Security will not cover those costs.

“DHS is responsible for securing unclassified networks for federal executive branch civilian departments and agencies” on the dot-gov domain, Homeland Security spokesman SY Lee said.

Some information technology vendors expect, in the future, similar services will be offered to electricity providers, hospitals and other critical service companies for their private networks, though that is outside the scope of the current initiative.

Executives at prospective contractor Booz Allen Hamilton said their bid for the task will highlight the Virginia-based consulting firm’s own internal continuous monitoring system. “We’re definitely eating our own dog food on continuous monitoring,” said George Schu, a senior vice president who handles the company’s federal cyber business. “I think this is a defining moment for the nation, and the government has an important role.”

Continuous monitoring is intended to quantitatively track computer security protections, detect abnormal network activity, and then illustrate all this data on a central, easy-to-read computer screen, federal officials say. Agency personnel are in charge of interpreting the statistics on those “dashboards” to spot vulnerabilities and fix the most detrimental ones first, Lee said.

Each competitive proposal must include all three CMaaS components: human services, tools and dashboards.

Industry players are creating diverse teams because of the breadth of skills required, Booz Allen officials said. Agencies will be able to select from 15 types of tools, such as applications that identify unauthorized software and users on a system, as well as professional consulting services to operate the tools, the contracting document states.

This week, Homeland Security officials said they anticipate awarding the contracts before October 2013.

Ahead of imminent budget cuts, DHS secured $218 million for continuous monitoring and intrusion detection programs from a continuing resolution that funds the government through March 27.

NEXT STORY: Cyber espionage; Network intrusion