Cybersecurity

Treasury Department Proposes Contract for Cybersecurity Assessment Services

The Department of the Treasury has issued a notice of proposed contract action to procure cybersecurity assessment services from a small business.

The vendor would provide systems security services support and enhance the mission assurance posture of the Treasury Department’s Office of Inspector General, according to the notice posted on SAM .gov.

Under the terms of the proposed contract, the contractor will provide cyber threat mitigation measures to protect TOIG information, assets, operations and individuals while ensuring that regulatory and compliance requirements are met.

The Treasury Department said each of its bureaus maintains an information security program that is in line with the mandates of the Federal Information Security Management Act of 2002, among other departmental and federal requirements.

Congress introduced FISMA to reduce the security risk to federal information and data while ensuring proper appropriations on information security.

FISMA includes a set of guidelines and security standards that federal government agencies need to meet.

For fiscal year 2019, TOIG said in an audit report that the Treasury Department maintained its information security program and practices for unclassified systems consistent with applicable FISMA requirements, the Office of Management and Budget’s policy and guidance and the National Institute of Technology’s standards and guidelines.

However, the program was not effective according to Department of Homeland Security standards, and some FISMA metric domains needed improvement, TOIG added in the report.

Federal information security was a major consideration for the Trump administration, the Treasury Department said in its new notice.

In May 2017, former President Donald Trump issued Executive Order 13800 to improve the United States’ cyber posture and capabilities amid growing cybersecurity threats.

The executive order was focused on modernizing federal information technology infrastructure, working with domestic partners to protect critical infrastructure and collaborating with foreign allies.