DHS awards $6 billion cybersecurity contract
This post is also available in: 
עברית (Hebrew)
The Department of Homeland Security just awarded contracts to 17 vendors for tools and services to continuously monitor federal systems and networks for cyber risks.
Most large civilian agencies have agreed to use the $6 billion contract, which will provide diagnostic tools for agencies to quickly identify and fix the most serious cyber risks in their networks. The year-long contract has four option years, and DHS has committed $185 million this fiscal year to launch the first of three phases under the Continuous Diagnostic and Mitigation Program.
According to Federal Times the General Services Administration awarded the blanket purchase agreement on behalf of DHS, and GSA will charge agencies a 2 percent fee for the use the contract.
The Defense Department and GSA have not signed agreements to use the contract, but GSA is expected to come on board in the near future, John Streufert, who leads the DHS program, said Tuesday following a panel at the SANS Critical Security Controls Summit in Washington.
DHS expects the monitoring tools will eventually conduct 60 billion to 80 billion security checks at least every three days across government networks. Summaries of that data will be reported to a DHS system called CyberScope and used to identify and address the government’s most severe security problems.
At the agency level, managers will be aware of all hardware and software that has access to their networks and ensure they meet security standards. The tools will continuously scan their networks and verify whether agency technology is properly configured.
A separate contract will be awarded for a dashboard, which will provide agencies a more comprehensive view of their security risks.
