Cybersecurity

DHS seeks assessment of cybersecurity market for smaller companies

Placeholder Image for Article Template

The Department of Homeland Security wants to know more about the state of the market for affordable cybersecurity protection for small and medium-sized businesses. In a request for information released Feb. 20, DHS said it wants to learn more about the role the cybersecurity industry might play in helping such companies adopt the Cybersecurity Framework released by the National Institute of Standards and Technology earlier this month.

The move is part of a voluntary program called the Critical Infrastructure Cyber Community, which seeks to connect companies, especially those that handle critical infrastructure, with available resources to secure and protect operations and networks.

"DHS issued this RFI to engage the private-sector community towards driving markets and innovation through economies of scale to deliver the best cybersecurity to all of our companies and citizens," Phyllis Schneck, deputy undersecretary for cybersecurity at DHS' National Protection and Programs Directorate, told FCW in an emailed statement.

The RFI is geared to providers of managed security services, network monitoring, and other diagnostic and protective systems, and seek answers on how the NIST framework might change the business landscape and make services more accessible and affordable to small and midsize companies. Specifically, DHS asks whether a company that adopts the NIST framework might merit lower service prices, if government has a role to play in touting the value of cybersecurity products to such companies, whether there are policy or technical impediments to offering services to such companies, and whether the government should define what adoption of the NIST framework entails.

A robust market exists to provide those services to large enterprises, but it is not clear if these providers can scale their services to suit smaller companies. "DHS seeks to understand the landscape of capabilities available to SMBs and ways to encourage economies of scale so SMBs can benefit from the rapid advances in cybersecurity and technology," the RFI states.

"I think they will probably analyze the information and determine if this is an area where there is a gap, and what are the appropriate roles for the department, and how they can influence it appropriately," said Evan Wolff, a partner at law firm Crowell and Moring and a former special assistant to DHS' assistant secretary for infrastructure protection.

DHS is collecting responses to the RFI through April 20.

About the Author

Adam Mazmanian is a staff writer covering Congress, the FCC and other key agencies. Connect with him on Twitter: @thisismaz.

The 2014 Federal 100

FCW is very pleased to profile the women and men who make up this year's Fed 100. 

Reader comments

Mon, Feb 24, 2014 Chuck Brooks Fairfax, Virginia

Security issues don’t solely fall to large corporations and government sectors. All businesses must take the necessary step to protect their information, no matter the size. Having affordable cybersecurity protection for SMB’s is very important. There are sectors within the government that are smaller than most who need the same amount of precautions taken as the big dogs. The DHS submitting this RFI is a good first step in providing that awareness.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above