DHS seeks assessment of cybersecurity market for smaller companies

Placeholder Image for Article Template

The Department of Homeland Security wants to know more about the state of the market for affordable cybersecurity protection for small and medium-sized businesses. In a request for information released Feb. 20, DHS said it wants to learn more about the role the cybersecurity industry might play in helping such companies adopt the Cybersecurity Framework released by the National Institute of Standards and Technology earlier this month.

The move is part of a voluntary program called the Critical Infrastructure Cyber Community, which seeks to connect companies, especially those that handle critical infrastructure, with available resources to secure and protect operations and networks.

"DHS issued this RFI to engage the private-sector community towards driving markets and innovation through economies of scale to deliver the best cybersecurity to all of our companies and citizens," Phyllis Schneck, deputy undersecretary for cybersecurity at DHS' National Protection and Programs Directorate, told FCW in an emailed statement.

The RFI is geared to providers of managed security services, network monitoring, and other diagnostic and protective systems, and seek answers on how the NIST framework might change the business landscape and make services more accessible and affordable to small and midsize companies. Specifically, DHS asks whether a company that adopts the NIST framework might merit lower service prices, if government has a role to play in touting the value of cybersecurity products to such companies, whether there are policy or technical impediments to offering services to such companies, and whether the government should define what adoption of the NIST framework entails.

A robust market exists to provide those services to large enterprises, but it is not clear if these providers can scale their services to suit smaller companies. "DHS seeks to understand the landscape of capabilities available to SMBs and ways to encourage economies of scale so SMBs can benefit from the rapid advances in cybersecurity and technology," the RFI states.

"I think they will probably analyze the information and determine if this is an area where there is a gap, and what are the appropriate roles for the department, and how they can influence it appropriately," said Evan Wolff, a partner at law firm Crowell and Moring and a former special assistant to DHS' assistant secretary for infrastructure protection.

DHS is collecting responses to the RFI through April 20.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Mon, Feb 24, 2014 Chuck Brooks Fairfax, Virginia

Security issues don’t solely fall to large corporations and government sectors. All businesses must take the necessary step to protect their information, no matter the size. Having affordable cybersecurity protection for SMB’s is very important. There are sectors within the government that are smaller than most who need the same amount of precautions taken as the big dogs. The DHS submitting this RFI is a good first step in providing that awareness.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group