GSA inks deal to provide advanced cybersecurity tools

The General Services Administration announced this week it had signed an agreement with five vendors to provide advanced cybersecurity tools designed to prevent attacks before they happen.

The blanket purchase agreement under GSA's SmartBUY program will allow agencies to buy situational awareness incident response (SAIR) software tools at a discount from the prices currently offered on Schedule 70, the primary government vehicle for commercial information technology goods and services. The awards were made to Autonomic Resources of Raleigh, N.C.; Ashburn, Va.-based Intelligent Decisions Inc.; Merlin International of Englewood, Colo.; Patriot Technologies of Frederick, Md.; and Washington-based Winvale Group. GSA said a sixth award might be forthcoming.

A team from GSA and the Homeland Security Department worked together to establish the technical requirements for the agreement. "We're accountable to the American public to protect our cyber infrastructure," said Rear Adm. Michael Brown, acting assistant secretary of DHS for cybersecurity and communications. The agreement, he said, will save "substantial taxpayer dollars."

The SAIR tools will help agencies position themselves to prevent attacks by identifying vulnerabilities and unauthorized configuration changes before they can be exploited by hackers. Agencies will have access to a full management suite to scan for vulnerabilities and push updates out to users' desktops immediately. Each of the five vendors offers a slightly different set of tools, so agencies can submit a bid request to ensure they get the services they require.

Lawrence Hale, director of infrastructure optimization at GSA's Office of Integrated Technology Services, said agencies have shown a lot of interest in SAIR tools, partly because of the requirements of the Information Security Line of Business initiative launched during the Bush administration. DHS and other agencies have worked closely with the Office of Management and Budget to ensure compliance with governmentwide initiatives such as the Federal Desktop Core Configuration and the Trust Internet Connection, which are designed to reduce the number of weaknesses that hackers can exploit.

"A chain's only as strong as the weakest link. These tools help you identify that link," Hale said. "You can find systems on your network that haven't been kept up to date, identify them and push updates to make sure everything you're responsible for is kept current with the correct security configuration."

Hale said his office expects the blanket purchase agreement eventually to see at least $20 million in business. Agencies interested in learning more about the tools can check GSA Advantage, e-Buy or contact SmartBUY project manager Sharon Terango at sharon.terango@gsa.gov.