The Department of Homeland Security (DHS) is taking a cross-component agency approach to securing DHS’ 17 Security Operations Centers (SOCs), DHS CIO John Zangardi explained in an interview with GovernmentCIO released this week.
Zangardi said the agency is focusing intently on network security and improving operations of its SOCs. He said that rather than using a top-down approach for SOC optimization, DHS instead decided on a bottom-up tack, and assigned CISOs from different DHS component organizations to the task.
“Instead of my [CISO] or CISO shop running it, we assigned CISOs from the different components to do this,” Zangardi said. He added that the CISO from Customs and Border Protection is “in charge of the approach we’re going to take on tools,” as one example of how the overall effort was divvied up.
The SOCs are set to undergo inspection in December, with the goal of the SOCs receiving “authority to process,” he said.
Earlier this month, DHS issued a request for information as it builds a multiple-award, single-contract vehicle for vendors to manage the 17 SOCs. The required services include network monitoring and security event analysis; email security monitoring and analysis; and computer security incident response and management.
Today, the DHS Office of the Chief Procurement Officer added guidance on what interested parties can include in their responses.