GSA posts DoD Enterprise Cyber Analytics RFI
On January 17, the General Services Administration (GSA) posted a request for information (RFI) for Enterprise Cyber Analytics. Responses are due by 3:00 p.m. Eastern on February 20.
This request is for information only regarding Enterprise Cyber Analytics tools which support business and security operations in a multi-classification Department of Defense (DoD) architecture following the DoD Zero Trust (ZT) paradigm. The capabilities have been grouped into two categories: those supporting Analytics & Visualization and those supporting Automation & Orchestration.
Failure to identify a capability in one category will not be identified as a failure in another category. Collaboration may be possible between industry partners to provide an integrated solution for Enterprise Cyber Analytics which meets regulatory requirements and desired functionality.
Current federal and DoD regulations require logging and monitoring of enterprise information systems. These activities are leveraged for the purpose of improving network resilience, increased security, and improved operations through the application of an enterprise cyber analytics program.
Through proactive use of captured data, analytics tools provide near real-time intelligence to support Security Operations Center (SOC) and Network Operations Center (NOC) teams. In the context of ZT, SIEM and SOAR tools are integrated to support Analytics, Visualization, and Automation objectives.
While capabilities in Table 1 are divided into SIEM and SOAR, a response which answers one capability may be appropriate since the development of a holistic analytics program may consist of multiple integrated products. For example, solutions which efficiently address automation and integration with case management may marry with another solution providing efficient and economical logging, log retention, and log management to deliver an acceptable solution.
The right opportunity can be worth millions. Don’t miss out on the latest IC-focused RFI, BAA, industry day, and RFP information – subscribe to IC News today.