Contracts adapted for security

FedCIRC

The General Services Administration is adapting existing contracts to include services that will help agencies provide a better picture of security incidents across government.

The GSA Federal Technology Service's Office of Information Assurance and Critical Infrastructure Protection is developing a managed security services contract. Such services would enable agencies to rely on vendors to manage such tools as intrusion-detection systems.

The contract is intended to provide agencies with ways to find and react to security incidents and also to report those incidents to the Federal Computer Incident Response Center (FedCIRC), the governmentwide civilian analysis and warnings group based at GSA.

The managed security services offering will become standard under FTS' Safeguard contract, said Sallie McDonald, assistant commissioner of the Office of Information Assurance and Critical Infrastructure Protection.

"It's a recognizable vehicle, and we're trying to make it as easy as possible for people to take advantage of this," she said.

Once the services are available and agencies start using them, it will lay the groundwork for FedCIRC to gather the incident information in a new analysis center, McDonald said. This will help the government's security experts get a better idea of the threats and attacks that occur across agencies, a goal developed under the National Plan for Information Systems Protection, released by the Clinton administration in January 2000.

Over the next few months, FedCIRC will be increasing its staffing levels to support this effort, McDonald said.

FTS created the Safeguard contract in 1999 to provide a single vehicle for security services needed under Presidential Decision Directive 63, the May 1998 mandate for federal agencies to secure the systems that support infrastructure critical to the nation, such as telecommunications and electricity.

The Safeguard contract is a blanket purchase agreement developed from the Federal Supply Service information technology schedule. FTS is working with FSS to add managed security services to the IT schedule, which will then allow FTS to modify the Safeguard contract, McDonald said.

Managed security services have become a popular commodity in the commercial market, she said, and they are now making waves in the federal sector, so vendors are already working to add their offerings to their schedule contracts.

Featured

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

Stay Connected