OT/ICS Cybersecurity-as-a-Service
Responses Due By
2021-02-02 23:59:59 US/Eastern Time
Executive Summary
The Department of Defense seeks a managed vendor solution that will provide 24/7 network monitoring specific to Operational Technology/Industrial Control Systems (OT/ICS) for manufacturing depots demonstrating the ability to adequately detect malicious activity and alert DoD cyber operators in near real-time across multiple reporting tiers via a vendor/integrator managed security operations center(SOC). The solution should also integrate with existing DoD owned SOC infrastructure. The intent is to prototype in the following phases: site assessment, design, implementation, tuning, and finally monitoring the network via an established OT/ICS SOC managed by the bidding vendor.
Prospective bidders are invited to submit their proposals (“Solution Brief”) per the guidelines below.
Vendors selected for phase two will deliver an in-person/virtual-interactive pitch as well as a live product demonstration in early 2021. The demonstration event will allow the evaluation team to assess the current maturity of the proposed solution. NOTICE: The Government will not provide funding for company participation in the demonstration.
Desired Product Specifications
The DoD seeks to prototype a readily available, commercially proven solution that includes the ability to:
- Easily deploy into varied environments agnostic of existing OT/ICS and IT networking/security stack equipment
- Assess and recommend security improvements to existing OT/ICS and IT infrastructure
- Integrate with existing government security and reporting architecture
- Support multi-tenancy for multiple reporting levels and different facilities from executive level dashboards to site specific event reporting
- Remotely managed, secured, and monitored by the vendor, integrator, or an approved service provider at an established OT/ICS SOC
- Provide and enable proactive hunting and security practices
- This prototype effort will continue for 18-24 months or until deemed successful
In addition to submission instructions below, companies should include the following in their solution briefs*
- Administration/user guide of the current shipping product(where applicable)
- Technical guides of the current shipping product (where applicable)
*Please note, it is expected to be part of the 5 pg white paper or 15 page slide deck described in the Solution Brief requirements below.