Notice ID: 19AQMM20N0077
“The Department of State has made substantial investments in migrating software, services, and IT operations to Cloud Service Providers (CSPs). These investments include Software As A Service (SAAS), Platform As A Service (PAAS), and Infrastructure As A Service (IAAS) products from government centric and commercial focused cloud offerings. The Bureau of Diplomatic Security (DS), Directorate of Cyber and Technology Security (CTS), Office of Cyber Monitoring and Operations (CMO) is seeking industry perspectives on leveraging managed security services with each of these cloud architectures. The Department is seeking to identify managed security services technical capabilities and conduct market research in the following areas for a multi-cloud environment:
- Providing managed security services to cloud platforms, to include:
- centralized information technology (IT) security event monitoring and incident detection/response capabilities;
- incident detection to facilitate timely responses to cyber threats preventing widespread propagation of malicious activity;
- threat information collection and analysis with the cloud environment, potentially augmented with USG provided threat intelligence.
- threat and vulnerability analysis to ensure systems protection from internal and external threats that would compromise the confidentiality, integrity, or availability of Department information, infrastructure, and systems; and
- analysis of cybersecurity events to identify intrusions, malware, maintain metrics, and produce reports for management, IT security officials, federal defenders and cyber incident responders.
- penetration test services for new and expanding on and off prem environments.
- Comparative decision points as they relate to Bring Your Own Tech (BYOT) and Provider provided tools.
- Industry insight as to managed security service provider tools and/or data architecture/s for SAAS, PAAS, and IAAS respectively with customer requirements for maximum services value to the Department.
- Ensuring seamless coordination and partnership with the mature Department Cyber Incident Response Team (CIRT); and
- Providing additional consulting services to continuously improve the multi cloud cybersecurity program.”