$19 Billion National Cyber Plan Might Consolidate Hack Response Contracts

The Obama administration, as part of a $19 billion national cybersecurity plan, is contemplating a one-stop shop for agencies to quickly buy cyberincident response services.

A new request for information asks security vendors for advice on consolidating preventive, reactive and fix-it help within the government’s biggest pre-approved IT contractor list.  

The proposed "Highly Adaptive Cybersecurity Services" would be available through the list, called General Services Administration IT Schedule 70.

GSA issued the market research survey to receive feedback and learn how contractors currently listed on Schedule 70 have been selling their cyber help.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

GSA expects that providing agencies a single menu of options will better reflect the present marketplace and the government's needs, plus minimize costs. The line item also should allow IT contractors already on Schedule 70 "to more easily differentiate cybersecurity services from other IT offerings," the market research questionnaire states.  

The government anticipates "proactive services" would include identifying legitimate IT assets that are on your network, scanning for security vulnerabilities, and testing employees' reflexes to fraudulent "phishing" emails. The preventive measures also consist of web application assessments and hunts to spot undetected adversaries or breaches. 

The proposed "reactive services" essentially are emergency response services, like determining the extent of a breach, kicking the bad guys out of the system, and restoring the network.

The "remediation services" might include technical support for security controls, system updates, or architectural improvements to fix the problems found during proactive or reactionary network evaluations.

The Highly Adaptive Cybersecurity Services proposal traces its origins to high-profile hacks at the Postal Service, White House, State Department and Office of Personnel Management, among other agencies.

In February, Obama released a $19 billion Cybersecurity National Action Plan that, along with other things, called for GSA to create contracting services that would allow agencies to buy a common set of incident response, penetration testing and hacker-hunting services from top commercial companies.

“The truth is that no matter how good that we get, we will never stop 100 percent of all intrusions,” so the initiative includes incident response elements, White House cyber czar Michael Daniel said at the time.

The national cyber agenda subsumed an earlier, fall 2015 Cybersecurity Strategy and Implementation Plan that, similarly, required GSA to research contract options and establish a way for agencies to fast-track incident response deals.

"GSA believes the cybersecurity services market is sufficiently mature for this [new contract category] to attract both industry partners and government buyers," agency officials said in the new request for information.