The Commerce Department wants to migrate three main cybersecurity programs to the cloud so that those security components can be run more efficiently.
The agency last month issued a request for information to industry on how it can best go about doing so. According to the RFI, the department wants to allow its CIO office to more easily get access and make changes to its cybersecurity monitoring environment.
Specifically, Commerce wants to move the applications and capabilities of its Enterprise Security Operations Center (ESOC), Enterprise Cybersecurity Monitoring and Operations (ECMO) and parts of its Continuous Diagnostic and Mitigation (CDM) program to the cloud. The environment will need be a high impact level from a cloud service provider approved by the General Services Administrations Federal Risk and Authorization Management Program.
ESOC is the principal security operations center for the agency, and its responsible for coordinating communication with the Department of Homeland Security, the U.S. Computer Emergency Readiness Team, the Office of Management and Budget and other agencies. ECMO fulfills an OMB requirement to continuously monitor security-related information from across the agency.
Currently, the programs are hosted in data centers and overseen by staff at two separate locations run by department components ESOC at a National Oceanic and Atmospheric Administration facility in Fairmont, W.Va., and ECMO at a National Institute of Standards and Technology location in Germantown, Md.
However, because those facilities are focused on the responsibilities and priorities of NOAA and NIST, they are not solely dedicated to responding to the Commerce Departments modifications, and agency staff cannot get access to make those changes, according to the RFI.
This has resulted in delays in configuration requests and in implementing new functionality, the RFI notes. Additionally, bandwidth adequacy and scalability has impacted the ESOCs capacity to quickly and efficiently analyze transmitted log data.
CDM gives agencies capabilities and tools that provide network administrators with real-time information about the state of their networks in order to describe the relative risk of specific cybersecurity threats and make it possible for agencies to rapidly identify and mitigate vulnerabilities. Currently, the CDM program is funded by DHS, which manages CDM for the government. However, the RFI notes, Commerce is required to begin funding components of the CDM program in 2018 and is considering migrating at least some of its storage and computing requirements to the cloud.
Migrating ESOC, ECMO and some parts of its CDM toolsets will allow Commerce to improve its access and ability to make timely changes to its cybersecurity monitoring environment. The cloud hosting environment would have the flexibility to easily scale in order to accommodate additional functionality and data log feeds as needed, and would offer a transparent pricing model to make costs predictable, the RFI adds.
Commerce has some specific ideas in mind for what it wants a cloud provider to bring to the table by hosting its cybersecurity, according to the RFI.
The winning contractor will analyze the agencys current hosting environments to determine the operating requirements of its current cybersecurity operations infrastructure. The winner will also recommend a cloud hosting architecture, considering the agencys current and future cybersecurity operations capabilities.
Additionally, the cloud provider will, in consultation with the agency, develop a project plan and oversee the migration of Commerces cybersecurity applications and operations to the federal cloud.
Further, the cloud provider will perform all necessary system security assessment and authorization activities in accordance with theFederal Information Security Modernization Act of 2014, NIST Special Publications, the departments Information Technology Security Program Policy, Commerce Information Technology Requirements and departmental policy memos.
To meet other security requirements, the cloud provider will need to collect all information required to conduct a supply chain risk assessment, provide ongoing maintenance and administration of the cloud hosting service, and help the agency develop a service-level agreement and appropriate metrics for cloud hosting availability, operations management and cost efficiency.
View original post here:
Commerce Department Plans to Move Cybersecurity to the Cloud – FedTech Magazine
- VMware Cloud Hosting Services Provider | TrueNorth ITG - April 28th, 2019
- What is cloud hosting? | IBM Cloud - April 18th, 2019
- What is cloud hosting? - Definition from WhatIs.com - April 18th, 2019
- What is Cloud Hosting and What Are the Benefits - April 18th, 2019
- How will cloud hosting affect your SEO campaign? | The Drum - April 18th, 2019
- Cloud Hosting Services | Steadfast - April 18th, 2019
- The Best Cloud Web Hosting Services for 2019 | PCMag.com - April 12th, 2019
- Web Hosting - Hosting Ireland Provides Web Hosting ... - March 23rd, 2019
- ZOOM Web Hosting and Domain Registration Philippines is a ... - March 13th, 2019
- Hostway and HOSTING Merge, Creating One of the Largest ... - March 8th, 2019
- 7 Best Managed Cloud Hosting Providers of 2018 - WPMyWeb - March 2nd, 2019
- Cloud Hosting vs. Shared Hosting Comparison | HostGator - March 2nd, 2019
- Shared Web Hosting Plans - Fast & Secure Shared Hosting ... - February 15th, 2019
- Cloud Hosting Services | Cloud and Hosting | Sungard AS - February 8th, 2019
- 10 Best Cloud Hosting Service in 2019 - AppModo - January 21st, 2019
- Best Cloud hosting January 2019 | WebHostingGeeks - January 21st, 2019
- Cloud Products & Services | HOSTING - January 11th, 2019
- Cloud Hosting - Super Powerful and Fully Redundant | TMDHosting - January 11th, 2019
- Cloud Hosting Services - Secure Managed Cloud Hosting - Bluehost - October 26th, 2018
- Indias Best Cloud Hosting | Cloud Servers | Cloud Service ... - October 16th, 2018
- QuickBooks Hosting Fast, Secure Cloud Hosting | Ace Cloud ... - October 2nd, 2018
- Cloud Services - Deploy web apps & APIs | Microsoft Azure - October 2nd, 2018
- HIPAA Compliant Cloud Hosting Services - atlantic.net - September 15th, 2018
- 2018's Best "Cloud Hosting" Providers | 100% Real Reviews - September 15th, 2018
- Best Cloud Hosting Providers of 2018 | HostAdvice - August 27th, 2018
- Shared Hosting vs Cloud Hosting - How To Start A Blog - August 27th, 2018
- 10 Best Cloud Server Hosting Providers (2018): Top Cloud ... - August 21st, 2018
- Google Cloud IoT Reviews and Pricing - 2018 - July 12th, 2018
- Cloud Hosting Plans - Secure & Scalable Services | HostGator - May 18th, 2018
- Best cloud hosting providers in 2018 | TechRadar - May 14th, 2018
- Cloud Hosting - Cloud - Windows - March 2nd, 2018
- Cloud Servers | Cloud Hosting | Web Hosting - Cirrus Hosting - February 20th, 2018
- Managed Dedicated, Cloud and Hosting Services - February 20th, 2018
- What is Cloud Hosting? | Web Hosting Sun - February 12th, 2018
- Cloud Hosting - Managed Cloud Services - January 9th, 2018
- Cloud Hosting by Perry Hosting - December 11th, 2017
- What Is Cloud Hosting? | GoDaddy - YouTube - December 11th, 2017
- Linux VPS | Best Managed Linux Cloud Hosting - RoseHosting - November 24th, 2017
- Cloud hosting platforms. Part one: Pantheon | ADCI Solutions - November 24th, 2017
- Get to know Linode, the new (big) kid in town - Technical.ly - September 7th, 2017
- 500 Cloud Operators, Managed Service Companies and Hosters to Gather at the 13th Annual Hosting & Cloud ... - Benzinga - September 7th, 2017
- Cloud ERP: The rising alternative to hosting your own - Networks Asia - September 7th, 2017
- Melbourne Server Hosting Renamed to iomart - Web Host Industry Review - September 6th, 2017
- Cloud ERP: The rising alternative to hosting your own - CIO Australia - September 6th, 2017
- Dean Dorton Technology named to Sage Intacct President's Club, Rookie of the Year and New Partner of the Second ... - The Lane Report - September 6th, 2017
- Microsoft Signs Deal to Put More Apps on Huawei's Cloud in China - eWeek - September 6th, 2017
- Cloud Hosting Providers CommsTrader's UK Channel Guide 2017 - CommsTrader - September 5th, 2017
- Huawei announces Microsoft cloud apps partnership - ZDNet - September 5th, 2017
- Trump Effect Could Cost US Cloud Providers Over $10 Billion: Report - Web Host Industry Review - September 2nd, 2017
- Cost Reduction Strategies on Java Cloud Hosting Services - InfoQ.com - August 30th, 2017
- Cloud Native The Perfect Storm for Managed SD-WAN Services - Network World - August 30th, 2017
- Why 2017 is the Year to Understand Cloud Computing - Business 2 Community - August 28th, 2017
- President Trump Could Cost US Cloud Computing Providers More Than $10 billion by 2020 - The Data Center Journal - August 28th, 2017
- What You NEED To Look For In A Cloud Hosting SLA - TG Daily (blog) - August 27th, 2017
- President Trump Could Cost US Cloud Computing Providers More ... - The Data Center Journal - August 27th, 2017
- State of Cloud - 2017 - Read IT Quik - August 22nd, 2017
- President Trump could cost US cloud computing providers more than $10 billion by 2020 - Bdaily - August 22nd, 2017
- Microsoft No Longer a PC Company with Deals Like Halliburton, Says Credit Suisse - Barron's - August 22nd, 2017
- Did Snap Make a Mistake With Its $3 Billion in Cloud Contracts? - Madison.com - August 21st, 2017
- Right Networks continues focus on tech improvement with new CIO - Accounting Today - August 21st, 2017
- Altinity Provides Cloud Version of ClickHouse on Kodiak Data MemCloud - Markets Insider - August 21st, 2017
- NASA calls on cloud for online eclipse streaming - GCN.com - August 21st, 2017
- Cloud Hosting Reviews and Comparisons | Cloud Hosting Directory - August 19th, 2017
- Free cloud hosting: comparing the top providers offer - August 19th, 2017
- Microsoft Expands HPC Cloud Portfolio With Cycle Computing Acquisition - eWeek - August 19th, 2017
- UC San Diego Health: Moving Its EHR to the Cloud, Strategically - Healthcare Informatics - August 19th, 2017
- Rackspace's first in-house attorney for international moves on - San Antonio Business Journal - August 19th, 2017
- Microsoft Acquires Cycle Computing to Bulk Up its HPC Cloud Services - eWeek - August 18th, 2017
- Massive Potential Attracts International Players to Iran's Cloud Computing Market, Despite Challenges - PR Newswire (press release) - August 18th, 2017
- These Inventors Need To Conquer Cryptocurrency To Change Cloud Computing - Celebrity Net Worth - August 18th, 2017
- 360 Cloud Solutions now offers Adaptive Insights - Accounting Today - August 18th, 2017
- Hackers breach third party cloud vendor TekLinks - Healthcare IT News - August 18th, 2017
- Stronger security and disaster planning fuel healthcare's migration to the cloud - Healthcare IT News - August 16th, 2017
- Hackers hit dermatology practice through cloud vendor - Information Management - August 16th, 2017
- Hackers hit dermatology practice through cloud vendor - Health Data Management - August 15th, 2017
- Unisecure Hybrid Cloud Hosting Introduces New Integration And Collaboration Support. - HostReview.com (press release) - August 14th, 2017
- CenterGrid Names Kevin Westendorf As Chief Technology Officer - Markets Insider - August 14th, 2017
- Earth911.com - Earth911.com - August 14th, 2017
- Snap CEO Evan Spiegel Makes A Case For Slow User Growth - Fortune - August 11th, 2017
- RiverMeadow and WSM Announce Agreement to Facilitate Cloud Migrations - GlobeNewswire (press release) - August 11th, 2017