FAA awarding security contract
- By Paula Shaki Trimble
- May 23, 2001
The Federal Aviation Administration will be able to check off another item on its list of information systems security initiatives when it awards a contract in July for support of its Computer Security Incident Response Capability (CSIRC).
The FAA announced Tuesday it plans to award a five-month, sole-source contract to Computer Sciences Corp. to advise the FAA on intrusion detection and response and to monitor intrusions, manage trouble calls, issue alerts and advisories, administer the agency's secure Web page, support analyses and report metrics.
The contract will have two options of two months each, according to the FAA contract opportunity notice. Any follow-on efforts will be openly competed, the FAA notice said.
CSC already is performing services and has proprietary tools in place, the FAA notice said. Comments on the proposed award can be submitted through May 28.
FAA chief information officer Daniel Mehan established the FAA Office of Information Systems Security last spring. In an order from FAA Administrator Jane Garvey, the agency was directed to create and operate a CSIRC. In an interview in April, Mehan and Michael Brown, director of the FAA Office of Information Systems Security, said one of their priorities is to have a mature intrusion-detection and response process.
"We are leaning on the research and development community to develop software to filter and determine whether it's a real attack," Brown said. Brown and Mehan have already previewed some of that software.
Mehan said he wants more immediate distribution of virus and intrusion alerts.