Notice ID 47QFRA22K0005
CISA leads the national effort to defend critical infrastructure against the threats of today while working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow. CISA’s mission includes protecting the Federal Government’s networks and physical infrastructure, helping entities in the public and private sectors manage potential risk, and enhancing public safety communications at federal, state, local, tribal, and territorial governments.
In support of the FCEB, CISA is exploring a PES solution to protect email traffic and to conduct threat hunting and incident response.
The CISA PES objectives are to:
- Normalize and provide baseline security and visibility for FCEB email.
- Detect and protect federal enterprise from malicious email content as part of the CISA mission to manage FCEB risk.
- Detect and prevent the federal enterprise email from being used as a vector for malicious threat actors against itself and non-federal entities.
- Provide appropriate visibility into agency email traffic to enable CISA Global Operators to conduct cyber hunt and incident response.
- Be able to leverage CISA’s and FCEB entity data holdings in cyber hunt, prevention, mitigation, and incident response activities
CISA will provide PES for FCEB agencies. PES management will be a shared responsibility between CISA and FCEB agencies…”
“V. OVERVIEW OF SECURITY OPERATIONS SERVICES OFFERING
PES will be cloud-based and accessible to authorized entities via a management console and application program interfaces (APIs). The figure below shows PES, the PES-provided CISA Global Operator functions, and the FCEB agencies. PES deployment configuration, including the location of enforcement points, is not defined in the figure. The PES solution may or may not include the email platform.
CISA understands that PES can be delivered using a variety of architectural designs. For example, PES could be implemented directly on email platforms as a native security capability of the email platform. PES could also be implemented as a gateway service (e.g., Secure Email Gateway) where FCEB email traffic is directed to the gateway. Or a hybrid method could be implemented that offers a combination of enforcement points. It is expected that individual agencies will continue to own and operate their email services and host them either on-premises, in the cloud (e.g., Microsoft Office 365 and Google workspace), or with supplemental products or services that support hybrid environment…”