DHS Is Under the Gun to Collect Data About Threats to Infrastructure, Networks

The Homeland Security Department is under the gun to collect massive amounts of data about threats to the nation's physical and network infrastructure, according to contracting documents. 

To meet a June 1 deadline to come up with an aggregation strategy, DHS has awarded a contract to Sunesis Consulting LLC without holding a competition, a sole-source justification states.

The strategy is the first step in a larger effort to unite operations across the department's “cybersecurity, critical infrastructure protection and law enforcement situational awareness,” as well as counterterrorism programs, among other domestic protection duties.

Sunesis is the only firm "up to speed" on the mission, having recently helped select the "situational awareness data" that must be gathered, a contracting officer wrote in the April 28 justification.

The Alexandria, Virginia-based small business crafted interview questions for a Situational Awareness Data and Information Assessment report that identified the desired data sets, the officer said. The report was finished in February. A DHS spokeswoman told Nextgov the report is for internal use only. 

Also, Sunesis "provided a review of the need for additional capabilities/capacity for big data analytics to authenticate situational awareness" and for "identifying outage/disruption patterns,” the officer said.

If there is not a plan in place by June 1, the department’s Office of Information Protection will restrict funding to execute the project by $2 million. 

The scope of the immediate work "will include the development of detailed objectives and the definition of near-time situational awareness, a prioritization framework to support selection among the data sources, coordination opportunities" across the federal government "to leverage available sources at low or no-cost, and expected enhancements from the available data," an award notice states.

By September, Homeland Security needs another plan detailing how to use the data at the department's 24/7 physical infrastructure watch center, the officer said.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The facility -- called the National Infrastructure Coordinating Center -- serves as an information-sharing hub, when there is an incident affecting key U.S. sectors that requires coordination between DHS and industry.

The new information collection strategy “represents the first step toward developing a plan to implement the authoritative data sources study to assist NICC watch operations to effectively monitor critical infrastructure and provide situational awareness,” the notice stated.

The center communicates with a round-the-clock U.S. IT network protection operation, the National Cybersecurity Communications and Integrations Center, to support the entire spectrum of critical infrastructure. 

The "learning curve" for any other vendor would essentially double the cost of the contract, the officer said. The dollar amount of the award is redacted in the documents.

On Wednesday, presidential advisers are scheduled to discuss recommendations for DHS and other agencies on using big data analytics to protect U.S. infrastructure. The National Security Telecommunications Advisory Committee’s draft report describes how extensive, disparate data sets can produce intelligence in a crisis – using the hypothetical scenarios of a hurricane, terrorist strikes on cities, and a cyberattack.