The Cybersecurity and Infrastructure Security Agency (CISA) has issued a request for information (RFI) focused on email security capabilities that will protect Federal networks and the Federal Civilian Executive Branch (FCEB) .gov domain enterprise from threats and strengthen cyber defenses.
“CISA is exploring a Protective Email Service (PES) to execute its mission to protect FCEB email traffic and to conduct threat hunting and incident response,” the RFI says. “The purpose of this RFI is to assist the government in conducting market research focused on feedback and insight from industry who offer a broad set of email security capabilities and those who have delivered similar complex solutions in the Federal government or private sector space.”
CISA is looking for a PES that is cloud-based and accessible for application program interfaces. The PES should cover all FCEB agencies, with PES management to be a shared responsibility between CISA and FCEB agencies.
The RFI outlines five objectives for the PES, which include:
- “Normalize and provide baseline security and visibility for FCEB email.
- Detect and protect Federal enterprise from malicious email content as part of the CISA mission to manage FCEB risk.
- Detect and prevent the Federal enterprise email from being used as a vector for malicious threat actors against itself and non-Federal entities.
- Provide appropriate visibility into agency email traffic to enable CISA Global Operators to conduct cyber hunt and incident response.
- Be able to leverage CISA’s and FCEB entity data holdings in cyber hunt, prevention, mitigation, and incident response activities.”
Questions related to the RFI must be sent no later than Dec. 1 at 2 pm EST to Diana Zoppi at firstname.lastname@example.org and Kevin Criley at email@example.com. The questions will be answered in an update to the RFI no later than Dec. 10.
RFI responses are due by Dec. 20 at 2 pm EST via the aforementioned emails.