NOAA Cyber Security Center Posts RFI for Cyber Threat Monitoring Requirement

The National Oceanic and Atmospheric Administration’s Cyber Security Center has posted a request for information to identify providers of round-the-clock threat response capabilities as well as enterprise services such as continuous diagnostics and information technology operations. The potential vendor will also be tasked with providing engineering support for data and service integration to the Department of Commerce’s Enterprise Security Operations Center.

Responses are due by Jan. 26. According to the RFI, NOAA seeks to defend against unauthorized access and disruption to information and related systems, Nextgov reported Monday.

In February 2022, the Commerce Department’s Inspector General released an audit report determining that NOAA left three active directories open to cyberattacks. The watchdog found that the agency had accounts with excessive administrative privileges on local computers, potentially letting hackers exploit them to gain full data access and install malware.

The Commerce Department IG recommended that NOAA abide by privileged account management guidelines set out by the National Institute of Standards and Technology and tasked the chief information officer with looking into acquiring security tools to conduct periodic reviews.

Another Commerce Department component, the U.S. Patent and Trademark Office, awarded a $31.4 million task order to XOR Security for cybersecurity operations support services. The company is tasked with supporting a security operations center that oversees various information and network systems.