Thrift Savings Plan Wants Help Protecting Federal Employees’ Retirement From Outside Cyber Threats

mojo cp/Shutterstock

The Federal Retirement Thrift Investment Board is working on a contract to help protect $611 billion in savings for some 6 million current and former feds.

The government agency tasked with managing the federal workforce’s retirement savings wants to ensure the nest egg is well-protected from cyber threats, including outside networks, technology and people who interact with its systems, but over which the agency has little control.

The Federal Retirement Thrift Investment Board, which manages the Thrift Savings Plan, issued a request for information Tuesday to garner industry feedback on a potential cyberthreat analysis contract.

As of February, the Thrift Savings Plan—the federal worker’s 401k—has more than 6 million participants and some $611 billion in assets. According to the notice, the board has done well securing its internal IT enterprise to protect these investments. However, its systems touch many others that are outside FRTIB’s networks.

The sources sought notice kicks off a market research effort to discover whether vendors can “conduct one or more external cyber reconnaissance analyses of some or all aspects of the FRTIB’s information technology footprint.”

Specifically, the agency is looking for “a vendor to discover, analyze, and visualize hidden relationships external to FRTIB's IT network,” the notice states.

This work will stretch across four categories, including vulnerabilities due to technologies touching the network, high-risk personnel and internal and external network analyses. From the RFI:

A network analysis to:

  • Identify potentially suspicious activity.
  • Identify public-facing infrastructure entry points.
  • Determine potential perimeter security misconfigurations associated with the FRTIB.
  • Externally map critical IT assets.

Vulnerable technology identification and exposure analysis to:

  • Collect data and develop and run queries, develop observations, cross reference current state and notify of immediate concerns.
  • Draft vulnerabilities remediation recommendations.
  • Identify known vulnerabilities and available exploits against specific technologies.
  • Define potential attack vectors for initial entry into FRTIB.

Personnel identification and exposure analysis to:

  • Identify and geolocate potentially high-risk personnel affiliated with FRTIB and personnel who present elevated risk from a cyber adversarial perspective.

Target affiliation analysis to:

  • Identify potential high-priority risk affiliations and external relationships.
  • Define visible and non-visible connections between FRTIB and affiliates.

Once the future contract is in place, FRTIB officials plan to issue a series of task orders. With each task order, the agency hopes “to better understand its cyber preparedness and act upon ... recommendations to mitigate vulnerabilities to FRTIB’s infrastructure,” according to the RFI.

Responses to the RFI are due by 12:30 p.m. March 25.