Senate seeks cybersecurity information assurance operations support
On April 18, the U.S. Senate posted the following sources sought notice for cybersecurity information assurance operations support services. Responses are due no later than 6:00 PM EST April 29.
The purpose of this Sources Sought Notice is to gain knowledge of potential qualified industry sources for providing Cybersecurity Information Assurance Operations (IAO) support services to the United States Senate Office of the Sergeant at Arms (Senate or SAA). The Office of the Chief Information Officer (CIO) of the SAA has a broad range of responsibilities that includes providing a secure cyber environment in which to carry out Senate business. The cybersecurity infrastructure support services are primarily carried out in the SAA’s Cybersecurity Department using Senate furnished equipment (SFE) and systems. All requirements listed below are mandatory unless otherwise noted.
The SAA is responsible for the Senate cybersecurity. It is a part of the SAA’s mission to provide secure and reliable network services to the U.S. Senate. The Cybersecurity Department works to protect the security of U.S. Senate information and to maintain the secure operation of the U.S. Senate network infrastructure and its information technology resources.
The Senate has recently improved the network infrastructure to establish a more robust cyber security capability. The Cybersecurity Department, with support from its contractor staff, has been conducting cyber security operations for the Senate enterprise. The SAA is now seeking a contractor to perform Information Assurance Operations (IAO) as a complementary effort to the Senate Cyber Threat and Intelligence Cell and Cyber Security Operations Center (CSOC) activities.
The Information Assurance (IA) team is a newly developed team in the Cybersecurity Department focused solely on IAO activities to maximize the capability of the Cybersecurity Department to promote risk based decision making and perform proactive, predictive and adaptive Cybersecurity operations. The IA team requires support for its mission 1) to leverage industry expertise, state of the art technology, tactics, techniques and industry best practices regarding risk management frameworks; 2) to develop and validate cybersecurity mitigation strategies/security controls; and 3) to balance operational risk with cybersecurity risk.
Full information is available here.