FAA wants help becoming cybersecurity shared-services provider

The Federal Aviation Administration wants to become a shared-services provider under the Security Line of Business initiative. In a market survey released on FedBizOpps.gov last week, FAA asked for support services for a “leading edge cybersecurity management center.” FAA wants vendors to provide comments through the market survey on its draft statement of work. Officials leading the Security LOB recently said a shared-services concept for incident response reporting is one approach to ensuring agencies have these functions and they are standard across the government. FAA is asking for comments on 11 functional areas including: FAA will hold a vendor day Feb. 22 in Leesburg, Va., and comments on the draft statement of work are due by Feb. 21. “The Computer Security Management Center’s goal of achieving information assurance is accomplished by implementing layered defense methodologies by performing vulnerability assessment, compliance verification, security patch and virus notification, intrusion detection, incident handling and assistance with cyber disaster recovery, agencywide,” the draft statement of work states. “The CSMC is expanding and continuously maturing. Toward that end, this statement of work covers not only the goals and objectives [of the program], but describes the support effort necessary to move CSMC to the next level in becoming a world-class cybersecurity organization.”