OMB Wants Rapid Response When a Cybersecurity Breach Occurs

December 12, 2015

OMB tells GSA, agencies to draw up rapid contracting plans for cyber breaches

Trevor Rudolph, the chief of OMB’s new cyber and national security unit, talks about plans for rapid response to a cybersecurity breach.

Source: Federal News Radio, Jared Serbu, November 30, 2015

The Office of Management and Budget is directing federal agencies and the General Services Administration to come up with a single mechanism to rapidly hire outside expertise the next time a civilian agency’s systems are breached in a cyber attack, reasoning that time will be of the essence and that virtually no agency will have the resources needed to mount an adequate response with in-house staff.

Within the next two months, GSA will need to submit a general plan for the contracting equivalent of a 911 service that would let agencies rapidly plug any freshly-exploited security holes in the event of another cyber breach like the one disclosed by the Office of Personnel Management earlier this year. The actual contract vehicles must be in place and available for any agency’s use, on a reimbursable basis, by the end of next April.

“What we do not want to do is stand up just another paper tiger where you have to run through a bunch of bureaucratic mechanisms to access the assistance when you need it,” Trevor Rudolph, the chief of OMB’s new cyber and national security unit, told a recent cybersecurity conference organized by Federal Times. “The idea here is that the agency has access to the help beforehand, so that when there’s a problem we have help from industry very, very quickly.”

The rough outlines of the new rapid contracting capability for cyber were delineated in the cybersecurity strategy and implementation plan (CSIP) the White House released a month ago, and it’s a signal of OMB’s current thinking about cybersecurity: The government’s security apparatus has spent a lot of attention and money on trying to prevent breaches, but comparatively little on figuring out what to do after they’ve happened.  Read More …

Is your company’s data secure?.  Contact your nearest PTAC if you need assistance with cybersecurity.

 

Keep up to date follow us on Twitter, LinkedIN or Facebook!


 For help with Government Contracting: contact your nearest Procurement Technical Assistance Center (PTAC). Funded through Cooperative Agreements between the U.S. Department of Defense and state and local governments/institutions, PTACs provide free and low-cost assistance in virtually all areas of government contracting.