Agencies have new system safeguard

Safeguard program

Federal agencies struggling to monitor the security of their information systems can now turn to an array of vendors offered on a General Services Administration contract, modified with the intention of tapping those vendors for better information on governmentwide cyber intrusions.

GSA's Federal Computer Incident Response Center finished modifications June 7 with the Federal Technology Service to adapt the Safeguard security services contract to offer managed security services, said Lawrence Hale, liaison director at FedCIRC.

Many agencies do not have the staff or expertise to handle the volumes of log data generated by the growing number of attackers scanning federal networks. By using managed security services, federal employees only have to address incidents that fall within the agency's policies.

FedCIRC wants agencies to choose contractors that offer those services so that administrators can catch more of the incidents that occur everyday. Once agencies have intrusion-detection systems in place, GSA hopes they will sign agreements with FedCIRC to pass on incident information to the center.

GSA is developing an incident analysis center within FedCIRC that will take the agencies' incident information and try to find patterns that suggest a larger attack is taking place. The center will then send out warnings to all agencies.

FedCIRC has been working on this big-picture incident analysis concept for more than a year. It has evolved over that time to the current push for agencies to use managed security services. At the same time, FedCIRC has been working with the GSA Federal Supply Service to add the services to the information technology schedule contract. This would enable FTS to modify the Safeguard blanket purchase agreement, which is awarded off the FSS schedule, to offer those services.

Featured

  • Defense

    DOD wants prime contractors to be 'help desk' for new cybersecurity model

    The Defense Department is pushing forward with its unified cybersecurity standard for contractors and wants large companies and industry associations to show startups and smaller firms the way.

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.