The Department of Homeland Security has outlined a $202 million program to arm federal agencies with new tools to continuously monitor their computer networks for security threats. Contracts for monitoring services will be awarded as early as next year.
The tools will enable agencies to monitor their systems every 24 to 72 hours, and to diagnose and prioritize the biggest security weaknesses. Such programs are already in operation at two agencies, the State and Justice departments.
When it comes to continuous monitoring capabilities, “we are a little bit uneven across [the] dot-gov” domain, said John Streufert, director of DHS’ National Cybersecurity Division.
The tools will help agencies be aware of all hardware and software that has access to their networks and ensure they meet security standards. They also will continuously scan their networks for vulnerabilities so they can be quickly addressed when they appear. The tools will include dashboards that present to IT officials snapshots of their networks’ security status to enable quick response in the event a vulnerability.
Agencies will have the option of providing their own monitoring using DHS-provided tools; purchasing a monitoring service from another agency or contractor; or obtaining a monitoring service for cloud-based systems from their cloud service providers.