Agencies have new system safeguard

Safeguard program

Federal agencies struggling to monitor the security of their information systems can now turn to an array of vendors offered on a General Services Administration contract, modified with the intention of tapping those vendors for better information on governmentwide cyber intrusions.

GSA's Federal Computer Incident Response Center finished modifications June 7 with the Federal Technology Service to adapt the Safeguard security services contract to offer managed security services, said Lawrence Hale, liaison director at FedCIRC.

Many agencies do not have the staff or expertise to handle the volumes of log data generated by the growing number of attackers scanning federal networks. By using managed security services, federal employees only have to address incidents that fall within the agency's policies.

FedCIRC wants agencies to choose contractors that offer those services so that administrators can catch more of the incidents that occur everyday. Once agencies have intrusion-detection systems in place, GSA hopes they will sign agreements with FedCIRC to pass on incident information to the center.

GSA is developing an incident analysis center within FedCIRC that will take the agencies' incident information and try to find patterns that suggest a larger attack is taking place. The center will then send out warnings to all agencies.

FedCIRC has been working on this big-picture incident analysis concept for more than a year. It has evolved over that time to the current push for agencies to use managed security services. At the same time, FedCIRC has been working with the GSA Federal Supply Service to add the services to the information technology schedule contract. This would enable FTS to modify the Safeguard blanket purchase agreement, which is awarded off the FSS schedule, to offer those services.