The U.S. Census Bureau is seeking industry input on a new acquisition strategy to revamp its cybersecurity practices over the next decade, according to a May 20 request for information (RFI).
Census explains that “industry holds the most current and best practices in these areas impacted by cybersecurity,” and the agency hopes to use these proven methods to shape its own acquisition strategy. This will “achieve the highest level of cyber defense and resilience” while still following current Federal guidelines, the RFI states.
Census’s Office of Information Security (OIS) will lead the implementation to create an enterprise cybersecurity program with a fully informed, risk-based approach to the cyber environment. The final product will include an adaptive approach to cybersecurity services that benefits all tech and business elements across the agency 24/7/365, Census wrote.
The new cybersecurity services will also include a proactive approach to cyberthreat mitigation. The RFI asks for information on continuous vulnerability scanning and remediation, on-going attack simulations and penetration testing, and active cyber threat hunting to support this approach.
“Through the use of next generation artificial intelligence and machine learning, the goal is to establish near real-time situational awareness of high value technology and information assets,” the RFI states. “This approach reduces dependencies on point in time assessments while increasing continuous monitoring capabilities.”
By integrating the tech and business lifecycles, Census wrote that it hopes to transform IT and cybersecurity into “key business enablers instead of required burdens” that will play a critical role in boosting resilient outcomes through a DevOps and agile model.
Census is accepting responses to the RFI through July 15.