DHS issues solicitation for Security Operations Center
WHAT: A solicitation from the Department of Homeland Security for a new contract, worth up to $395 million, to run the DHS Security Operations Center (SOC).
WHY: DHS is looking for contracting support to accomplish one of the agency's core missions: detecting, analyzing and responding to cyberthreats. DHS provides a range of cybersecurity services to other agencies, but the agency also needs help with its own networks, which are overseen by the SOC.
Running the SOC isn't a simple task: the agency operates "as a federated model," so analyzing internal cyberthreats requires direct monitoring from the main SOC and coordinating with other SOCs within the agency, according to a statement of work.
The contractor would be in charge of just about every cybersecurity service imaginable, including network monitoring, vulnerability assessments and intrusion analysis. The SOC's charge includes protecting the agency's wide area networks, Internet gateways, security devices, servers and workstations.
The new contractor will have to keep the SOC fully up and running during the transition from the previous contractor. In 2008, Verizon won a 10-year, $678.5 million contract that included implementing the SOC.
The solicitation includes an attachment that asks interested firms to respond to a hypothetical threat scenario: an analyst observes large-scale data exfiltration carried out by an IP address belonging to an advanced persistent threat actor. "Please consider any reporting requirements, privacy considerations, as well as internal and external escalation" in drawing up a response to the scenario, the attachment reads.
The solicitation process began over a year ago with an industry day hosted by DHS' acquisition institute. The contract has a one year base plus six additional one-year options.
Click here to read the solicitation. Responses are due May 13.
Posted by Sean Lyngaas on Apr 04, 2016 at 2:59 PM