FAA delays procurement to respond to hack

The Federal Aviation Administration has postponed plans to seek a new cybersecurity services provider while the agency responds to a cyberattack, according to contracting documents.

The FAA is extending the contract of SRA International to support the agency's Security Operations Center through February 2016. Back in 2008, SRA won a $67 million contract to run the center, which protects the overall critical information systems at the Department of Transportation from infiltration and disruption. Under its existing contract, SRA's cyber work can continue via option periods through this July. A new bridge contract will allow work to continue through February 2016.

The FAA "requires additional planning time to determine the impact [of the recent cyber-attack] to the competitive procurement's requirements," as it plans to re-compete the contract to run cyber operations. The agency announced plans to delay the new procurement in an April 2 notice on the FedBizOpps website.

FAA officials apparently had big plans for its Security Operations Center. The goal of the new procurement was to "move the [Security Operations Center] from its current role of an incident response team to that of a leader in the cyber security world and become a shared service provider," in keeping with a line of business initiative from the Office of Management and Budget.

No details were released on the nature or scope of the cyberattack. The FAA is also dealing with a recent Government Accountability Office report released in March warned of potential weaknesses in the overall national air traffic control system, resulting from the weaknesses in the agency's security controls. "These include weaknesses in controls intended to prevent, limit, and detect unauthorized access to computer resources, such as controls for protecting system boundaries, identifying and authenticating users, authorizing users to access systems, encrypting sensitive data, and auditing and monitoring activity on FAA's systems," per the report.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.