One of America's largest government agencies is on the hunt for vendors to assist with its cybersecurity efforts. The Department of Defense has begun the search for a partner to run its threat database and case management system, according to Nextgov. These IT systems are intended to improve threat response processes and help keep classified information safe. The move comes as the agency has faced multiple recent cybersecurity setbacks, including delaying deployment on a $2 billion project designed to detect intrusions and being amongst the targets of a government-wide cybersecurity breach carried out by Russia, according to Bloomberg.
Assisting with case management
Any cybersecurity threat against the Department of Defense is handled by the Defense Counterintelligence and Security Agency (DCSA). This organization is charged with reporting threats and other related information in the Defense Department's Insider Threat Management Analysis Center (DITMAC). DITMAC serves as a database of threats and is essential for cybersecurity case management for the department. The IT systems that support the program are referred to as the DITMAC System of Systems, or DSoS.
DITMAC and DSoS currently utilize a mix of DCSA-owned cloud infrastructure and public resources provided by Amazon Web Services. The agency is hoping that its new contractor can house the project in one place and increase its operating capability. In all, seven principal tasks are listed as a part of the contract.
"The contractor shall undertake an agile approach to provide the DSoS PMO with strategic planning, iterative improvements, enhancement, cybersecurity, engineering, operations and maintenance, and programmatic support services for the DSoS and its PMO," an agency notice stated.
The agency is looking to begin the contract in September 2021 and renew on an annual basis for a four-year period.
While the Department of Defense turns to the private sector to assist with one area of cybersecurity improvement, it faces challenges on related fronts. The agency recently paused the deployment of a system intended to better detect cybersecurity threats on its classified networks. The revamp effort, which began in 2015 and has cost about $2 billion, was deemed "unable to help network defenders protect DoD component networks against operationally realistic cyberattacks," according to testing chief Robert Behler. Despite the potential issues, the system will still be deployed as previously planned on non-classified networks.
These delays also come as the DoD has been forced to deal with the fallout of a major government-wide intrusion, most likely carried out by hackers connected to the Russian government. The exploit was initially reported Dec. 8 by the cybersecurity firm FireEye, which announced that several of its tools and data had been stolen. Within days, cybersecurity experts were able to trace the breach to malware attached to an update from a software company with contracts throughout the public sector, according to The Hill.
In addition to the Defense Department, major targets included the departments of Commerce, Energy, Homeland Security, State and Treasury, as well as various subsidiary agencies like the National Institutes of Health.
Advanced cybersecurity for any organization
Even if you aren't charged with protecting government secrets, your data is still important and deserves to be kept safe from hackers. One of the easiest and most important ways to shore up your network is by ensuring all of your applications are protected by modern, secure identity frameworks. This can include multi-factor authentication, and some vendors are even moving to integrate bio-recognition such as fingerprint readers.