Relevant links are at the bottom of this post.
The State Department, fresh off the heels of a highly publicized cyberintrusion, is picking industry’s brain for tactics to block and perhaps strike back at hackers, according to new contracting documents.
State wants to produce a new set of how-to “playbooks” around cybersecurity “to clearly guide both offensive cyber operations and responses to cyberattacks,” department officials said Wednesday.
“Offensive cyber operations” is military jargon for hacking into or disrupting an adversary’s system, making it an odd turn of phrase to describe civilian data security practices.
This is especially curious, given the planned “playbooks,” or how-to guides, will eventually be available to the public, according to State.
The strategies that will be hammered out include, but are not limited to:
- Physical and Logical Network Segmentation, using Palo Alto and Cisco technology. (Running data on separate networks can help contain the spread of an intrusion)
- Two-Factor Authentication (Requiring users to log in with not only a code, but also another form of identification, like a smart card)
- Network Configuration Monitoring, signature & heuristics based
- Zero Client Architecture
- Cloud Computing Security
- Security Operations Center
- Mobile Device Security
- Dynamic System Defenses
- Data-At-Rest & Data-In-Transit Encryption (Information is saved and sent in scrambled code, instead of plain text, to thwart eavesdroppers)
- Data Centric Security
- Micro Hypervisor Technology
- Application Whitelisting (Users are only allowed access to a preset group of software programs)
Wednesday’s announcement states there will be a paid 1-year contract for a set of detailed playbooks “suitable to provide clear direction and guidance for actionable information security operation activities.”
But right now, the department is only seeking information from companies for planning purposes.
Specifically, State has called on AT&T, CenturyLink, Planet Technology, Booz Allen-Hamilton, Deloitte and other “cybersecurity experts” to offer “top-notch world-class” knowledge, according to the contracting documents.
Proposals are due Sept. 8.
Each playbook will list cybersecurity standards, methodologies, procedures and processes.
The playbooks will not be “tailored specifically to the information technology architecture” of the State Department, according to the solicitation, “but rather will be written in a manner that reflects current industry best practices and thinking while still providing the granularity necessary to configure and implement specific hardware and software solution sets.”
The playbook preparations come less than a year after the government discovered well-resourced hackers reportedly backed by Moscow waging months-long attacks against the White House and State.
The Obama administration has a history of releasing playbooks to inculcate basic procedures across the government.
A year ago came the Digital Services Playbook, providing best practices from the public and private sectors to help government build better apps and other online tools for citizens. Then, in February, the White House released a U.S. Public Participation Playbook meant to help people gain a stronger voice in policy decisions.