working draft – internal va use only technology acquisition center (tac) information technology...
TRANSCRIPT
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
1
Technology Acquisition Center (TAC)
Information Technology Advanced Planning Briefing for Industry
6/16/2015
Stanley F. LoweDepartment of Veterans Affairs Office of
Information Security (OIS)June 16, 2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
26/16/2015
• Overview• Goals• Offices• Other Priorities and Focus Areas
Agenda
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
3
OIS Overview
• Office of Information Security (OIS)• Manages the VA-wide information security and privacy
programs that protect the information security and privacy infrastructure of VA
• “Devoted to supporting all stages of Veteran care by protecting the personal information of Veterans and the employees who serve them”
• OIS protects the personally identifiable information (PII) of 23 million Veterans, 45 million beneficiaries, and over 300,000 VA employees
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
4
OIS Goals
• Goal 1: Protect the overall VA information security and privacy posture to ensure confidentiality, integrity, availability, and appropriate destruction of information
• Goal 2: Integrate risk and performance management into information security and privacy practices to create a cost and process effective program
• Goal 3: Establish an information security governance structure and policies that create operational efficiency and accountability
• Goal 4: Seamlessly integrate security processes into VA’s business and IT projects to reduce exposure to risk and maximize efficiency
• Goal 5: Promote an environment where all employees’ and contractors’ actions reflect the importance of information security accountability
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
5
OIS Offices
• Business Continuity (BC)• Office of Cyber Security (OCS)• Field Security Service (FSS)• Office of Privacy and Records Management
(OPRM)• Network Security Operations Center (VA-
NSOC)
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
6
Business Continuity (BC)
• Responsible for developing and implementing emergency management and continuity programs that ensure resiliency of critical IT tasks
• Provides staffing to VA’s Integrated Operations Center to create and maintain shared situational awareness across administrations and staff offices concerning OI&T issues
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
7
BC Activities
• Information Systems Contingency Planning (ISCP)
• IT Systems Disaster Recovery• Business Impact Analysis (BIA)• Continuity of Operations (COOP)
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
8
Upcoming FY16 Contract Opportunities-BC
6/16/2015
Name of Investment DescriptionBusiness Continuity Support This contract is for part-time subject matter
experts across the continuity spectrum to assist in any internal support for OI&T exercises, including Contingency Plans and Disaster Recovery Plans. Exercise support provides subject matter experts to develop, measure, and run exercises at the OI&T, VA and National Level.
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
9
Office of Cyber Security (OCS)
• Establishes policy and oversees the implementation and operation of IT security programs across the Department
• Manages and directs all activities for audit resolution and readiness, the Certification Program Service, security architecture and software assurance, the Emergency Response team, and identity access management
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
10
OCS Activities
• Policy Development/Oversight and Compliance Reporting
• Continuous Readiness in Information Security Program (CRISP) Supporting Initiatives
• Assessment/Authorization Program• Identity and Access Management Program Support• Visibility to Everything (V2E) Related Initiatives• Security Architecture and Software Assurance
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
11
Upcoming FY16 Contract Opportunities-OCS
6/16/2015
Name of Investment DescriptionBig Data Analyze VA Cyber Security data and develop an approach for
establishing a VA cyber security “big data” program. Cyber Security Transformation Address the oversight, execution, budgeting, programming, promotion,
management and monitoring of cyber security activities across VA regions and facilities. VA’s cyber security program is a comprehensive department-wide initiative supporting VA’s multiple administrations and staff offices in cooperation with Federal Departments and Agencies (i.e., DHS, HHS, DoD).
End Point Manager (Big Fix) Maintenance Field Office remediation; Information Security Continuous Monitoring (ISCM); premium support for Enterprise Management Foundation (EMF) Federated Data Repository (FDR), with dedicated resources and additional product licenses required, due to increased utilization of the BigFix and Cognos platforms integrating into multiple efforts.
Policy Support The contractor shall provide assistance to the OCS and Security Technical Management Service (STMS) in revising, reviewing, and interpreting the operational, technical, and management controls required by VA’s information security program. The contractor shall provide support to translate and customize specific requirements related to the Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), E-government Act, Freedom of Information Act (FOIA), Privacy Act, and other requirements for the VA environment.
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
12
Field Security Service (FSS)
• Field Security Service (FSS) consists of VA Information Security Officers (ISOs)
• FSS ISOs are the “boots on the ground” security professionals - the face of information security for the Department.
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
13
FSS Activities
• Manages VA-wide field based Information Security Officers (ISOs)
• Continuous Readiness in Information Security Program (CRISP) Compliance - Ensures the security and compliance of all VA information systems
• Medical Device Protection Program - Ensures medical devices used at VA medical centers are safeguarded against cyber security threats
6/16/2015
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
14
Upcoming FY16 Contract Opportunities-FSS
6/16/2015
Name of Investment DescriptionFSS Program Management Support
FSS requires project management expertise at the national and regional level. This expertise is critical to meeting the goals of OIS, CRISP, and remediating the VA OI&T material weakness.
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
156/16/2015
• Works across OIS to integrate privacy considerations and requests for information, manage official records, and ensure that the confidentiality, integrity, and availability of VA sensitive information and information systems are protected
Office Of Privacy and Records Management (OPRM)
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
166/16/2015
• Freedom of Information Act (FOIA) • Records Management
• Release of Names and Addresses (RONA) • Controlled Unclassified Information (CUI)• Electronic Recordkeeping Initiatives
• Social Security Number Reduction and Elimination• Privacy and Security Events Tracking System (PSETS)• Policy and Training Development Efforts• Privacy Impact Assessments (PIA)• Identity Theft Prevention and Detection
OPRM Activities
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
176/16/2015
Name of Investment DescriptionPrivacy Security Events Tracking Privacy and Security Event Tracking System
(PSETS) is used to record all privacy-related complaints and privacy/security incidents across VA. Privacy and Security event tracking is a component of the Department of Veterans Affairs (VA) Privacy Program, mandated in VA Directive 6502, VA Enterprise Privacy Program, and administered by the VA Office of Privacy and Records Management, Privacy Service.
Upcoming FY16 Contract Opportunities-OPRM
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
186/16/2015
• Protects VA information on a 24/7 basis by monitoring, responding to, and reporting cyber threats and vulnerabilities
Network Security Operations Center (NSOC)
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
196/16/2015
• Manages Remote Access to VA • Provides Support to Wide Area Network (WAN)• Monitors Trusted Internet Connection (TIC)
Gateways
NSOC Activities
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
20
Upcoming FY16 Contract Opportunities-NSOC
6/16/2015
Name of Investment DescriptionCFS Data Storage and Retention Procure dedicated storage to allow for future expansion and enable to keep a
1-year retention of all logs and keep all evidence related to security incidents for at least 3 years per federal standards. Storage could be expanded later to accommodate future needs for the Cyber Forensics Team.
RESCUE SMC [change MAC to SMC) Adaptive Security Appliances (ASAs)
Procure the CA Service Desk Manager (SDM) modules required by the NSOC to leverage the benefits of a configuration management database (CMDB) as well as procure the professional services required to successfully install, configure and maintain the CA SDM CMDB tool.
RightIT Now Renew of the current RightITNow ECM (Event Correlation Manager) subscription to enable IT operations staff to proactively detect, isolate and respond to infrastructure issues before they affect customers. RightITNow ECM also enables the creation and execution of automated workflows.
SourceFire 3D Increase Increase in funding to the current SourceFire 3D contract to include devices that are currently out of license and need renewing.
Tenable Additional 400,000 Internet Protocols (IPs)
Identifies all vulnerabilities and reports the findings to the appropriate system administrators for corrective action and up to management. Requesting an additional 400,000 IPs for usage to accommodate the network growth and expansion.
Trusted Internet Connections (TIC) Gateway Application Firewall Refresh
Increase in the capacity of the Firewall system in order to offload web browsing traffic to hardware systems.
TIC Gateway Nexus Core Switches The TIC program supports VA 6500 Handbook by allowing for a robust core switching capability and network virtualization. The TIC must be able to scale to support up to 100Gbps (gigabits per second) of mixed IP traffic throughput to meet projected operational needs.
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document
21
Upcoming FY16 Contract Opportunities-NSOC
6/16/2015
Name of Investment Description
TIC GSI Refresh
Perform a technical refresh of our converged infrastructure, which combines network, storage and computer resources in to one area or resource pool where virtual machines can operate and process work.
AppSec License_Support
Procure AppDetective Pro is an database auditing tool to assess all Office of Inspector General (OIG) / Federal Information Security Management Act (FISMA) audit sites and to assess other databases as necessary. This tool will directly impact remediation of ongoing material weaknesses.
Security Incident and Event Management (SIEM)
Procure a centralized event and information correlation tool that can correlate information from disparate network and security management systems, and present it at various levels ranging from an basic monitoring and technical analysis dashboards to Executive Management Level Reports for legal and compliance reporting.
Tenable Security Center 500 IPs
Supports the enterprise scanning solution and Visibility to the Desktop, identifying all vulnerabilities and reporting the findings to the appropriate system administrators for corrective action and up to management.
Tenable Security Center
Supports the enterprise scanning solution and Visibility to the Desktop, identifying all vulnerabilities and reporting the findings to the appropriate system administrators for corrective action and up to management.
TIC Gateway Storage Infrastructure Maintenance Support
Provides VA with the maintenance and support to the infrastructure deployed for SIEM and SAN as well as updates and servicing to 430,000 endpoints VA-wide.
Web Content Filtering
Procure hardware and software to positively identify the VA active directory credentials of individuals accessing the Internet and positively link a user to logged access attempts. The solution must be able to record this information for use in investigations and disciplinary action where necessary.
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
226/16/2015
• Cloud Services• Patching • Encryption
Other Priorities and Focus Areas
Working D
raft – Internal VA
Use O
nly
Working Draft, Pre-Decisional, Deliberative Document – Internal VA Use Only
236/16/2015
• For more information about the Office of Information Security, contact: [email protected]
• For information on doing business with VA, visit: http://www.va.gov/oal.business/dbwva.asp
Questions?
Additional Information