The agency is looking for a contractor to provide 24/7 support to detect and monitor cybersecurity threats.
The National Oceanic and Atmospheric Administration’s Cyber Security Division is looking for help supporting the agency’s cybersecurity mission, according to a request for information.
Friday’s filing noted that the mission aims “to protect and defend the use of cyberspace from cyber-attacks and to protect NOAA information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.”
According to the filing, NOAA’s Cyber Security Center—or NCSC—will have the capability to provide security operations center-as-a-service for its partners—DOC and its bureaus—and that NCSC is also responsible for the Commerce Department’s Enterprise Security Operations Center—or ESOC—and its related engineering requirements. Moreover, NCSC will provide NOAA and its partners with “comprehensive cyber security services…as a shared service,” according to the request for information.
Specifically, as noted in the filing, NCSC and ESOC will provide several support offerings, namely: the NOAA Security Operations Center, infrastructure support, enterprise cyber security services, the Commerce Department Enterprise Security Operations Center itself and Commerce Department ESOC engineering services.
NOAA seeks a contractor that can provide the following: the capability to detect and respond to potential cybersecurity threats 24/7 by monitoring events, performing security analysis and using event correlation. These can be performed via security information and event management, as well as through the security orchestration, automation and response platform and IT security intelligence feeds for NOAA’s SOC and ESOC.
Additionally, NOAA is looking for 24/7 support for NCSC’s enterprise cyber security services, including a multi-agency trusted internet connection, continuous diagnostics and mitigation tools and IT operations support for NCSC. Lastly, as noted in the filing, NOAA is asking for the contractor to provide the Commerce Department’s ESOC with engineering services for the integration of data and services.
NOAA outlined specifications and requirements for the primary contractor, such as prior work in a similar area.
NOAA originally filed the notice on Jan. 12, but updated it on Jan. 20 to reflect a different North American Industry Classification System—or NAICS—code, which is used to classify businesses. The agency noted that it is only seeking sources at this time for information and planning purposes, it is not committing to issue a solicitation.
Responses are due via email to the contracting officer by Jan. 26 at 10am EST.
Source: https://www.nextgov.com/cybersecurity/2023/01/noaa-looks-industry-support-boost-its-cybersecurity-efforts/382083/