The Homeland Security Department recently issued an RFI on threats to mobile device security. The RFI includes a survey and room for the private sector responde...
Smartphones and tablets are tools to aid in an agency’s mission, but they’re also a target for attack.
That’s why the Homeland Security Department is taking a look at the government’s “mobile ecosystem” and it’s asking the private sector for help in focusing that lens.
DHS recently issued a request for information on mobile device security. Vincent Sritapan, program manager for the department’s cybersecurity division, told Federal News Radio in an interview that industry’s opinion matters because “we can’t do this without them.”
“Who has the best mobile threat intelligence on the planet? In my opinion it’s not the government,” Sritapan said. “We might have some in different pockets, but it’s industry that has it. Industry runs the actual mobile infrastructure, the networks that exist. It’s industry who we need to work with.”
The RFI asks for “input on products, services, capabilities and technologies” related to the government’s use of smartphones and tablets, and related threats and defenses.
Responses to the RFI are due Aug. 22. Sritapan said there are no plans for a request for proposals nor will an acquisition be following the RFI. But industry can get credit for its input, he said.
“I will tell you the information here will shape programs, whether it’s in [science and technology], whether it’s in other offices that exist for mobility, the DoD, the [intelligence community], the federal civilian space. People are very cognizant of what we’re doing here and what’s available today,” Sritapan said. “We’re willing to give you credit on this coverage or this defense, maybe that helps out your company. But the idea is we’re all about protecting the American people and the citizenry to use mobile going forward.”
The RFI is required under the Cybersecurity Act of 2015. Once the responses are collected DHS will turn over its findings to Congress in mid-December.
Chat with Jonathan Alboum, USDA CIO, July 26 at 2 p.m. Sign up here.
“The whole point for this RFI is to support this Congressional study on mobile device security, bring awareness to what are the real threats, what are the defenses that exist today and how can we move forward,” Sritipan said. “Most definitely we’re going to find gaps, where threats exist and defenses do not. That ‘s an area where DHS S&T can use that as future research areas that are a concern that commercial industry can go after, the research community can go after.”
The RFI has two parts, a survey worksheet for threats, products, services and technologies, and a standards and best practices section.
For the survey, respondents are asked to:
RFI respondents are given as much as 15 pages for the industry standards and best practices section. In this portion, industry members are asked:
Sritapan said the long-term goal of the RFI is to “secure the use” of mobile devices in government missions.
“We’re talking about not mobile as a technology because it’s so awesome, it’s just another way that we use to do our mission. It’s a tool essentially,” Sritapan said. “We’re just trying to ensure that security isn’t just another bolt-on or it’s a road block that we can’t do our mission.”
DHS is hosting two industry days to answer questions about the RFI. One day was hosted July 20 in Washington, D.C., and a second day is set for early August in Menlo Park, California.
Sritapan said DHS is also sending interview requests to various stakeholders in the telecommunications and mobile device management markets, so it can ask its own questions of the private sector.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.