John Streufert, director of DHS' Federal Network Resilience division, speaks at the Security Innovation Network Showcase in Washington. (Mike Morones / Staff)
With phase one of the Homeland Security Department’s $6 billion cyber contract underway, agencies are starting to buy network scanning tools for their security arsenal.
The focus, for now, is defending against external cyberattackers and reducing their ability to exploit unauthorized or unprotected systems, software and devices that aren’t properly configured. DHS released its first request for quote last month.
Phase two of the program will address the insider threat, or what system privileges workers have, said John Streufert, director of DHS’ Federal Network Resilience division. Streufert spoke Dec. 5 at the Security Innovation Network Showcase in Washington.
DHS has yet to release details to industry about what the government will buy during phase two of the continuous monitoring program. But Streufert said the focus, in part, will be on system administrator authorities. The wider the authorities are, the more significant the service that can be provided to agency users, he said. But there is also the risk of those authorities being misused.
The goal is to automate how agencies control and manage administrative privileges on their networks, an issue that has gained greater prominence since the devastating leaks by former National Security Agency contractor Edward Snowden.
“Our goal is to provide enough authority to get the job done, not provide excess privileges,” Streufert said.
DHS also is reviewing bids for a separate dashboard contract, which is being competed among companies on the General Services Administration’s Alliant contract. Streufert said a single award is expected, but wouldn’t say when that will happen.
Vendors were asked to describe their capabilities for providing a dashboard for agencies to identify and prioritize cyber risks, and enable them to feed summary data into a federal dashboard for DHS to track network security trends in the dot-gov domain.
Preliminary data show agencies will be able to drive cost savings by consolidating their security purchases under the contract, but final numbers won’t be out until task orders are awarded and those costs can be compared with what agencies paid previously for the same technology.
Jeffrey Eisensmith, chief information security officer at DHS, said convincing department components to use the $6 billion contract hasn’t been a hard sell.
The Office of Management and Budget agreed to let agencies keep any savings from buying security tools on the contract and use that money to address their cyber issues, Eisensmith said.
“What about that value proposition are the components not going to want?” he said.