Agencies get new safeguard
- By Diane Frank
- Jun 18, 2001
Agencies struggling to monitor the security of their information systems can now turn to an array of vendors offered on a General Services Administration contract that has been modified with the idea of tapping those vendors for better information on governmentwide cyber intrusions.
GSA's Federal Computer Incident Response Center finished modifications June 7 with the Federal Technology Service to adapt the Safeguard security services contract to offer managed security services, said Lawrence Hale, liaison director at FedCIRC, speaking June 12 at the National Conference on Cyber and Physical Security in New Orleans.
Many agencies lack the staff or expertise to handle the increasing volume of log data generated by attackers scanning federal networks. By using managed security services, federal employees only have to address incidents that fall within the agency's policies.
FedCIRC wants agencies to choose contractors that offer those services so that administrators can catch more of the incidents that occur every day. Once agencies have intrusion-detection systems in place, GSA hopes they will sign agreements with FedCIRC to pass on incident information to the center.
GSA is developing an incident analysis center within FedCIRC that will take agencies' incident information and try to find patterns that suggest a larger attack is taking place. The center will then send warnings to all agencies.
FedCIRC has been working on the analysis concept for more than a year. It has evolved over time to the current push for agencies to use managed security services.