The Commerce Department wants to migrate three main cybersecurity programs to the cloud so that those security components can be run more efficiently.
The agency last month issued a request for information to industry on how it can best go about doing so. According to the RFI, the department wants to allow its CIO office to more easily get access and make changes to its cybersecurity monitoring environment.
Specifically, Commerce wants to move the applications and capabilities of its Enterprise Security Operations Center (ESOC), Enterprise Cybersecurity Monitoring and Operations (ECMO) and parts of its Continuous Diagnostic and Mitigation (CDM) program to the cloud. The environment will need be a high impact level from a cloud service provider approved by the General Services Administrations Federal Risk and Authorization Management Program.
ESOC is the principal security operations center for the agency, and its responsible for coordinating communication with the Department of Homeland Security, the U.S. Computer Emergency Readiness Team, the Office of Management and Budget and other agencies. ECMO fulfills an OMB requirement to continuously monitor security-related information from across the agency.
Currently, the programs are hosted in data centers and overseen by staff at two separate locations run by department components ESOC at a National Oceanic and Atmospheric Administration facility in Fairmont, W.Va., and ECMO at a National Institute of Standards and Technology location in Germantown, Md.
However, because those facilities are focused on the responsibilities and priorities of NOAA and NIST, they are not solely dedicated to responding to the Commerce Departments modifications, and agency staff cannot get access to make those changes, according to the RFI.
This has resulted in delays in configuration requests and in implementing new functionality, the RFI notes. Additionally, bandwidth adequacy and scalability has impacted the ESOCs capacity to quickly and efficiently analyze transmitted log data.
CDM gives agencies capabilities and tools that provide network administrators with real-time information about the state of their networks in order to describe the relative risk of specific cybersecurity threats and make it possible for agencies to rapidly identify and mitigate vulnerabilities. Currently, the CDM program is funded by DHS, which manages CDM for the government. However, the RFI notes, Commerce is required to begin funding components of the CDM program in 2018 and is considering migrating at least some of its storage and computing requirements to the cloud.
Migrating ESOC, ECMO and some parts of its CDM toolsets will allow Commerce to improve its access and ability to make timely changes to its cybersecurity monitoring environment. The cloud hosting environment would have the flexibility to easily scale in order to accommodate additional functionality and data log feeds as needed, and would offer a transparent pricing model to make costs predictable, the RFI adds.
Commerce has some specific ideas in mind for what it wants a cloud provider to bring to the table by hosting its cybersecurity, according to the RFI.
The winning contractor will analyze the agencys current hosting environments to determine the operating requirements of its current cybersecurity operations infrastructure. The winner will also recommend a cloud hosting architecture, considering the agencys current and future cybersecurity operations capabilities.
Additionally, the cloud provider will, in consultation with the agency, develop a project plan and oversee the migration of Commerces cybersecurity applications and operations to the federal cloud.
Further, the cloud provider will perform all necessary system security assessment and authorization activities in accordance with theFederal Information Security Modernization Act of 2014, NIST Special Publications, the departments Information Technology Security Program Policy, Commerce Information Technology Requirements and departmental policy memos.
To meet other security requirements, the cloud provider will need to collect all information required to conduct a supply chain risk assessment, provide ongoing maintenance and administration of the cloud hosting service, and help the agency develop a service-level agreement and appropriate metrics for cloud hosting availability, operations management and cost efficiency.
View original post here:
Commerce Department Plans to Move Cybersecurity to the Cloud – FedTech Magazine
- HIPAA Compliant Cloud Hosting Services - atlantic.net - September 15th, 2018
- 2018's Best "Cloud Hosting" Providers | 100% Real Reviews - September 15th, 2018
- Best Cloud Hosting Providers of 2018 | HostAdvice - August 27th, 2018
- Shared Hosting vs Cloud Hosting - How To Start A Blog - August 27th, 2018
- 10 Best Cloud Server Hosting Providers (2018): Top Cloud ... - August 21st, 2018
- Google Cloud IoT Reviews and Pricing - 2018 - July 12th, 2018
- Cloud Hosting Plans - Secure & Scalable Services | HostGator - May 18th, 2018
- Best cloud hosting providers in 2018 | TechRadar - May 14th, 2018
- Cloud Hosting - Cloud - Windows - March 2nd, 2018
- Cloud Servers | Cloud Hosting | Web Hosting - Cirrus Hosting - February 20th, 2018
- Managed Dedicated, Cloud and Hosting Services - February 20th, 2018
- What is Cloud Hosting? | Web Hosting Sun - February 12th, 2018
- Cloud Hosting - Managed Cloud Services - January 9th, 2018
- Cloud Hosting by Perry Hosting - December 11th, 2017
- What Is Cloud Hosting? | GoDaddy - YouTube - December 11th, 2017
- Linux VPS | Best Managed Linux Cloud Hosting - RoseHosting - November 24th, 2017
- Cloud hosting platforms. Part one: Pantheon | ADCI Solutions - November 24th, 2017
- Get to know Linode, the new (big) kid in town - Technical.ly - September 7th, 2017
- 500 Cloud Operators, Managed Service Companies and Hosters to Gather at the 13th Annual Hosting & Cloud ... - Benzinga - September 7th, 2017
- Cloud ERP: The rising alternative to hosting your own - Networks Asia - September 7th, 2017
- Melbourne Server Hosting Renamed to iomart - Web Host Industry Review - September 6th, 2017
- Cloud ERP: The rising alternative to hosting your own - CIO Australia - September 6th, 2017
- Dean Dorton Technology named to Sage Intacct President's Club, Rookie of the Year and New Partner of the Second ... - The Lane Report - September 6th, 2017
- Microsoft Signs Deal to Put More Apps on Huawei's Cloud in China - eWeek - September 6th, 2017
- Cloud Hosting Providers CommsTrader's UK Channel Guide 2017 - CommsTrader - September 5th, 2017
- Huawei announces Microsoft cloud apps partnership - ZDNet - September 5th, 2017
- Trump Effect Could Cost US Cloud Providers Over $10 Billion: Report - Web Host Industry Review - September 2nd, 2017
- Cost Reduction Strategies on Java Cloud Hosting Services - InfoQ.com - August 30th, 2017
- Cloud Native The Perfect Storm for Managed SD-WAN Services - Network World - August 30th, 2017
- Why 2017 is the Year to Understand Cloud Computing - Business 2 Community - August 28th, 2017
- President Trump Could Cost US Cloud Computing Providers More Than $10 billion by 2020 - The Data Center Journal - August 28th, 2017
- What You NEED To Look For In A Cloud Hosting SLA - TG Daily (blog) - August 27th, 2017
- President Trump Could Cost US Cloud Computing Providers More ... - The Data Center Journal - August 27th, 2017
- State of Cloud - 2017 - Read IT Quik - August 22nd, 2017
- President Trump could cost US cloud computing providers more than $10 billion by 2020 - Bdaily - August 22nd, 2017
- Microsoft No Longer a PC Company with Deals Like Halliburton, Says Credit Suisse - Barron's - August 22nd, 2017
- Did Snap Make a Mistake With Its $3 Billion in Cloud Contracts? - Madison.com - August 21st, 2017
- Right Networks continues focus on tech improvement with new CIO - Accounting Today - August 21st, 2017
- Altinity Provides Cloud Version of ClickHouse on Kodiak Data MemCloud - Markets Insider - August 21st, 2017
- NASA calls on cloud for online eclipse streaming - GCN.com - August 21st, 2017
- Cloud Hosting Reviews and Comparisons | Cloud Hosting Directory - August 19th, 2017
- Free cloud hosting: comparing the top providers offer - August 19th, 2017
- Microsoft Expands HPC Cloud Portfolio With Cycle Computing Acquisition - eWeek - August 19th, 2017
- UC San Diego Health: Moving Its EHR to the Cloud, Strategically - Healthcare Informatics - August 19th, 2017
- Rackspace's first in-house attorney for international moves on - San Antonio Business Journal - August 19th, 2017
- Microsoft Acquires Cycle Computing to Bulk Up its HPC Cloud Services - eWeek - August 18th, 2017
- Massive Potential Attracts International Players to Iran's Cloud Computing Market, Despite Challenges - PR Newswire (press release) - August 18th, 2017
- These Inventors Need To Conquer Cryptocurrency To Change Cloud Computing - Celebrity Net Worth - August 18th, 2017
- 360 Cloud Solutions now offers Adaptive Insights - Accounting Today - August 18th, 2017
- Hackers breach third party cloud vendor TekLinks - Healthcare IT News - August 18th, 2017
- Stronger security and disaster planning fuel healthcare's migration to the cloud - Healthcare IT News - August 16th, 2017
- Hackers hit dermatology practice through cloud vendor - Information Management - August 16th, 2017
- Hackers hit dermatology practice through cloud vendor - Health Data Management - August 15th, 2017
- Unisecure Hybrid Cloud Hosting Introduces New Integration And Collaboration Support. - HostReview.com (press release) - August 14th, 2017
- CenterGrid Names Kevin Westendorf As Chief Technology Officer - Markets Insider - August 14th, 2017
- Earth911.com - Earth911.com - August 14th, 2017
- Snap CEO Evan Spiegel Makes A Case For Slow User Growth - Fortune - August 11th, 2017
- RiverMeadow and WSM Announce Agreement to Facilitate Cloud Migrations - GlobeNewswire (press release) - August 11th, 2017
- Driving operational excellence with your cloud vendors - Network World - August 10th, 2017
- Amazon jumps on Kubernetes bandwagon - ZDNet - August 10th, 2017
- Epic Move: UC San Diego Health Transitions to Cloud Technology - UC San Diego Health - August 10th, 2017
- St. Cloud to Host Summer Sizzler Downtown Art Crawl - WJON News - August 10th, 2017
- Cloud management platforms offer a unified approach to hybrid IT - TechTarget - August 10th, 2017
- CA Health System Begins Cloud-Based Epic EHR Implementation - EHRIntelligence.com - August 10th, 2017
- Home Office seeks partner for AWS switch after current hosting ... - www.channelweb.co.uk - August 9th, 2017
- Planning Your Journey to the Cloud - TV Technology - August 9th, 2017
- Marias Technology adds Microsoft Azure to its Hosting Services - GlobeNewswire (press release) - August 9th, 2017
- IBM CIO leaves for AWS and Big Blue flings sueball to stop him - The Register - August 9th, 2017
- How To Win at Cloud Hosting in a Microsoft-AWS-Google World - Redmond Channel Partner - August 8th, 2017
- Epic Move: UC San Diego Health Transitions to Cloud Technology - Newswise (press release) - August 8th, 2017
- Global Health wins contract to deploy cloud system at Sydney hospital - Proactive Investors Australia - August 8th, 2017
- As Tech Execs Rally Around Kushner, Government Cloud Adoption Still Has Ways to Go - Windows IT Pro - August 8th, 2017
- Heavy clouds in IT world make it rain gold for UPS box manufacturers - The Register - August 8th, 2017
- Project Manager - Amazon, Google, Microsoft Cloud Hosting - Dorking and Leatherhead Advertiser - August 6th, 2017
- From Public Cloud to Hybrid IT Straight From the Horse's Mouth - InfoWorld - August 6th, 2017
- How companies can boost their website in China's clouded market - Cloud Tech - August 4th, 2017
- Cloud computing facility launched - Times of India - August 4th, 2017
- Aerohive Achieves Unmatched Scale and Flexibility in Cloud-Managed Networking - Patch.com - August 4th, 2017
- 'UK cloud services are strong and ready to compete with the world's best tech economies', Cloudreach CEO says as ... - Data Economy - August 3rd, 2017
- Marijuana startup Lemonhaze leverages Bizspark to jump from AWS to Azure - OnMSFT (blog) - August 3rd, 2017