GSA preps security solutions

FedCIRC

Agencies and vendors should expect to see some big opportunities for increasing government security as the General Services Administration readies several new solutions and solicitations this year.

In March, GSA's Federal Computer Incident Response Center (FedCIRC) awarded its patch authentication and dissemination capability, a free service to provide agencies with a way to get only the security patches they need for the software on their networks.

The service, run by Science Applications International Corp. and subcontractor Vigilinx Inc., will be at initial operating capability and ready for some agencies to use June 20, said Sallie McDonald, GSA's assistant commissioner for information assurance and critical infrastructure protection. McDonald was speaking May 22 at the E-Security and Homeland Defense conference in New York City, an event sponsored by the Information Technology Association of America and Prudential Securities.

In July, FedCIRC officials expect to release a request for proposals on a security knowledge management portal, another service to be offered to agencies, McDonald said. The portal will enable agencies to find out about general security issues, such as new vulnerabilities, threats and fixes. It also will provide a secure site for chat rooms and other collaboration tools, she said.

FedCIRC also is looking at creating a security toolkit, giving agencies central access to all of the security tools developed and already paid for by government and quasi-government organizations, such as Mitretek Systems Inc. and the Carnegie Mellon University's Software Engineering Institute.

The center plans to issue an RFP this summer for a contractor to identify the tools, assemble them into a suite of services and market them to agencies, McDonald said.