Cybersecurity Best Practices During the COVID-19 Pandemic

Posted by Bill Zielinski
on June 2, 2020

The unprecedented and extraordinary efforts by businesses and Federal agencies to keep employees and customers safe during the COVID-19 pandemic have also inadvertently opened the door to cyberattacks.

Large-scale transitions to work-from-home technologies, heightened activity on many public-facing networks, and greater use of online services have presented new openings for cyber attackers to exploit. As people around the world shelter in place, they turn to online platforms to chat with friends, shop, work, and go to school. That transition to virtual life puts a large strain on cybersecurity controls.

Federal agencies face new daily challenges in assuring the security of networks. In the midst of the current global pandemic that imperative is even greater — they must protect their institutions while ensuring that daily tasks go on uninterrupted. The Office of Management and Budget (OMB) recommends that agencies “make risk-based decisions as appropriate to meet mission needs” during the COVID-19 pandemic.

It is important now for agency leaders to focus on supporting technologies and capabilities that are absolutely essential to their organizations’ operations. Priority actions — and relevant technologies — may include testing already existing security plans, continuously monitoring security systems, and maintaining access security. GSA’s Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) provides Federal agencies with rapid access to cybersecurity vendors who can assist with the following priority actions and more.

Best practices

Testing and having incident response plans in place are helpful for any agency. If an agency has plans such as incident response, disaster recovery, or continuity, it is important to test those plans and assess any risks as soon as possible. GSA’s HACS SIN provides rapid access to vendors evaluated for incident response services.

Chief Information Security Officers (CISOs) should continue to monitor their systems closely in order to identify cybersecurity events and incidents as soon as they appear. Focus areas include monitoring networks for new strains of malware, monitoring collaboration tools such as Google Drive or Dropbox, and monitoring personnel activity. CISOs can also monitor their systems by using Intrusion Detection Systems or their preferred live network monitoring software. The HACS SIN is an efficient way to access these capabilities.

Access management in a remote work environment is another essential focus area during the COVID-19 pandemic. Though cybersecurity is essential, so is the physical safety of the American people. Agencies are encouraging teleworking whenever possible to adhere to the Government’s social distancing guidelines, and cybersecurity experts are needed to help make telework safe and secure for employees.

With many — if not all — of an agency’s employees working from home, click-through rates for phishing emails may increase when employees no longer work closely enough with coworkers to ask them in person about suspicious activity. Remote work can also require agencies to enable offsite access to critical and/or confidential information, which can increase the risk of a cyber attack. Employees can mitigate this risk by adhering to their agency’s access control policy and using secure access methods (such as Two-Factor Authentication (2FA) and/or a VPN) when accessing Government networks containing sensitive information.

The COVID-19 pandemic is first and foremost a human challenge, with heads of agencies and employees all juggling professional duties with personal and family responsibilities. The risk of cyberattacks will be elevated, but by focusing now on cyber activities — testing response plans, monitoring security systems, and maintaining personnel security — agencies can successfully maintain their security.

GSA is here to help connect Federal agencies with vendors that provide necessary cybersecurity services during this time through the HACS SIN solution. For more information, visit the HACS Homepage. To learn more about the additional services the HACS SIN provides, watch our HACS Overview Video.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.


Protecting State and Local Election Systems and Strengthening Cyber Defenses

Posted by Kay Ely
on September 12, 2018

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

Preventing infiltration of and tampering with election systems and fortifying cyber defenses continue to be important topics.

Through our established IT contract vehicles, GSA can provide government agencies with access to cybersecurity products and services to improve resilience, protect important information, and bring election systems into compliance with leading-edge practices for enhancing security in today’s tech-savvy environment.

Cooperative Purchasing Program

GSA’s Cooperative Purchasing Program allows state, local, and tribal governments to benefit from access to solutions, products, and services from pre-vetted industry partners through IT Schedule 70 — the same as those offered to federal agencies.

That means these government agencies can buy the newest cybersecurity offerings under the Highly Adaptive Cybersecurity Services (HACS) and Continuous Diagnostics and Mitigation (CDM) Special Item Numbers (SINs) which can help with risk assessments and management of election systems.

Cyber Products and Services

Services offered by our HACS partners:

  • Risk and Vulnerability Assessment (RVA) services that adhere to the Department of Homeland Security’s (DHS) methodology for assessing High Value Assets
  • Penetration Testing to proactively identify and detect cyber vulnerabilities
  • Cyber Hunt to mitigate immediate and potential threats
  • Incident Response to expand government’s ability to recover from cyber attacks

Government agencies can also buy cybersecurity tools that are on DHS’s CDM Approved Product List through the CDM Tools SIN. These offer hardware and software tools designed to:

  • Identify enterprise cybersecurity risks on an ongoing basis
  • Prioritize these risks based upon potential impacts
  • Enable cybersecurity personnel to mitigate the most significant problems first

Here at GSA, we are committed to providing the best quality products and services to our state, local, and tribal government customers and we’re ready to help you secure our nation’s systems.

For more information on the HACS and CDM Tools SINs, visit https://gsa.gov/itsecurity, or contact the IT Security Subcategory Team at itsecuritycm@gsa.gov.


The Next Phase for HACS (Cyber) — Modernization

Posted by Kay Ely
on May 29, 2018

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

Cybersecurity incidents and ongoing, emerging threats to our data, networks, and systems over the last few years have significantly changed how we approach cybersecurity. GSA remains committed to ensuring the government’s long-term security, responsiveness, and efficiency when it comes to monitoring and protecting our valuable digital assets and IT systems.

We’re always proactively focusing on the products, services, and vehicles needed to help carry out agency missions. We’re also sharpening our focus on cyber acquisition solutions, so security is integrated into the system acquisition process. This means that we’re constantly evaluating and improving our solutions.

With this in mind, our Highly Adaptive Cybersecurity Services (HACS) program is entering its next phase: HACS Modernization.

Today’s HACS Portfolio on IT Schedule 70 consists of four Special Item Numbers (SINs):

  • Cyber Hunt
  • Incident Response
  • Penetration Testing
  • Risk and Vulnerability Assessment

Feedback from the expert providers in the cybersecurity services market can help us further enhance our current array of HACS offerings. Enhancements to GSA’s cybersecurity acquisition solutions will not only help us drive more use by agencies but will also lead to improved outcomes and safer IT systems for federal, state, local, tribal, and territorial governments.

To that end, our team is working to make it easier for industry to provide feedback through two RFIs and a stakeholder event in June.

HACS Modernization Requests for Information (RFI)

To determine the best course of action, we released two HACS Modernization Requests for Information (RFI) on May 22, 2018, one for agencies and the other for industry partners. We encourage our current HACS suppliers and agency partners to participate in those RFIs. We particularly want feedback from those agencies that have not yet used the HACS SINs.

The RFIs are open until June 23, 2018 at 5 p.m. EDT.

June 18 Stakeholder Event

We’re also hosting a HACS Stakeholder Event on Monday, June 18, 2018, from 9 a.m. to 1 p.m. EDT at GSA headquarters to discuss the HACS program’s past, present, and future.

We welcome both in-person and virtual attendees. We’ll be featuring guest speakers from the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), GSA’s Office of IT Category, and GSA’s Office of Small Business Utilization (OSBU).

Let’s Work Together

We want to hear what you think about the cybersecurity landscape and how effective you think GSA’s current services are now, where we can improve them for the future, and the best ways to enhance our delivery to agencies.

Please respond to the relevant RFIs and attend our Stakeholder Event. Together we can enhance our HACS program and deliver a total package that helps agencies securely accomplish their mission.
