The Cybersecurity and Infrastructure Security Agency plans to sign industry contracts for two projects next year that aim to further expand the government's national multi-stakeholder cybersecurity exercises and develop new analytical capabilities to identify vulnerabilities and threats to the global supply chain.
One of the contracts, managed by the agency's National Risk Management Center, will develop a predictive analytics tool that can use artificial intelligence and machine learning to identify vulnerabilities in the information and communication technology supply chain. In a questions-and-answers document unveiled to the public earlier this month, the agency said it plans to put a contract to perform these services out to bid in spring 2022.
Another project will seek to contract with one or more vendors to help "plan, conduct, evaluate and manage a wide range" of cyber and physical security drills that the agency will conduct with public sector governments and critical infrastructure entities. The work requires a top-secret clearance, and officials plan to issue a request for information early next year before one or more contracts are awarded in mid-2022. Agency officials identified General Dynamics Information Technology and Dynamis as the incumbent contractors.
Both contracts will feed into larger cybersecurity initiatives that are already being carried out across the federal government.
The new forecasting tool will help agency officials further explore the interdependencies of the software and technology supply chains. While researching such interdependencies has long been a priority for CISA, it has increasingly become a focus of attention for the Biden administration over the past year, as incidents such as the SolarWinds campaign, the Kaseya ransomware attack and the Log4j vulnerability have all highlighted the widespread damage that malicious hackers can wreak by corrupting code in a widely used software product.
An executive order issued by President Joe Biden in February instructed the secretaries of Homeland Security and Commerce to report to the White House on ICT supply chain challenges, while a follow-up order in May set expanded cyber incident reporting requirements for ICT providers working with the government.
The National Risk Management Center was originally set up by CISA to identify and investigate the impact of individual incidents, such as a cyber attack on a specific critical infrastructure unit, on the country's ability to perform essential functions such as internet services, GPS systems, banking and food supply. The center has already developed a list of more than 100 "national critical functions" which, if disrupted, could cause major collapses in society, but the presentation makes it clear that more work is needed to make these results actionable.
“In order for the national critical functions to be translated into operational results, information from a large number of public and private stakeholders must be aggregated and made useful for analysis and decision-making,” says a slide. “However, the integration of characteristics from physical, cyber, social and regulatory risk analysis is complex and, in addition to understanding the dependencies between them, also requires an individual analysis of the NCFs.”
Meanwhile, improving the federal government’s ability to stage complex, high-concept scenarios that help federal, state, local, and tribal government officials coordinate in the wake of a digital emergency has become a high priority for federal policy makers.
According to CISA, the agency conducts more than 80 such exercises each year with a pool of approximately 5,000 actors, and the latest National Defense Authorization Act contains a provision that would create a national exercise to simulate "the partial or total inoperability of a government or critical infrastructure network due to a cyber incident".
The upcoming call will include requirements to help shape the agency's exercises, assemble tabletop scenarios for public and private stakeholders, and edit and write reports that outline recommendations and lessons learned. The work includes coordinating with departments such as the National Risk Management Center, Emergency Communications Division, and Cyber Security Division to conduct virtual and face-to-face planning sessions and exercises to enhance the country's collective digital and physical resilience to diseases such as COVID-19, ransomware attacks, active shooters and threats to the electoral infrastructure.
The document cites incidents like the Colonial Pipeline and JBS ransomware attacks, which resulted in wide-ranging disruptions in the gas and food supply chains in the past year, as the main motivation for procuring new analytical methods. It urges the agency to source specific skills from the private sector, including automated data pattern identification, web scraping, abnormal behavior identification and regional modeling and mapping of risk concentration in different industrial sectors.