Contracts shaped for security
- By Diane Frank
- May 14, 2001
The General Services Administration is adapting existing contracts to include services that will help agencies provide a better picture of security incidents across government.
The GSA Federal Technology Service's Office of Information Assurance and Critical Infrastructure Protection is developing a managed security services contract, which will enable agencies to rely on vendors to manage tools such as intrusion-detection systems.
The contract is intended to provide agencies with ways to find and react to security incidents and report those incidents to the Federal Computer Incident Response Center (FedCIRC), the governmentwide civilian analysis and warnings group based at GSA.
The managed security services offering will become standard under FTS' Safeguard contract, said Sallie McDonald, assistant commissioner of the Office of Information Assurance and Critical Infrastructure Protection.
Once agencies begin using the services, the groundwork will be laid for FedCIRC to gather the incident information in a new analysis center, McDonald said. This will help government security experts get a better idea of the threats that occur across agencies.
Over the next few months, FedCIRC will be increasing its staffing levels to support this effort, McDonald said.
FTS created the Safeguard contract — a blanket purchase agreement developed from the Federal Supply Service information technology schedule — in 1999 to provide a single vehicle for security services needed under Presidential Decision Directive 63. The May 1998 directive mandated that federal agencies secure systems that are critical to the nation's infrastructure.