US State Department plans cyber security playbook

The US State Department issues a request for information to determine the capabilities of commercial industry to provide and maintain a cyber security playbook

The US State Department is asking for input from information security industry experts on putting together a set of cyber security guides for a playbook to support its information security programme.

The move comes less than a year after the department’s unclassified email system was reportedly breached by state-backed hackers.

The department said the aim of the request for information (RFI) is to determine the capabilities of commercial industry to provide and maintain a cyber security playbook.

Contributions have been invited from cyber security experts, including AT&T, CenturyLink, Planet Technology, Booz Allen Hamilton and Deloitte.

“This RFI is issued solely for information and planning purposes and does not constitute a solicitation,” the department said, but added that there will eventually be a paid 1-year contract for a set of detailed playbooks.

A key element of the responses to the RFI will be information about the respondent’s capabilities that will assist the department with making a decision about how best to contract for the required products and services.

The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges, the RFI said.

It said the national and economic security of the US depends on the reliable functioning of the critical infrastructure in the face of such threats.

The RFI said the department is seeking to work closely with specialised cyber security experts to put in place robust policy frameworks and doctrines to clearly guide both offensive cyber operations and responses to cyber attacks.

The how-to guides are required to provide clear direction and guidance for actionable information security operation activities and will eventually be made available for use by private companies.

Deliverables must include a set of standards, methodologies, procedures and processes that align policy, business and technological approaches and “industry best practices” to address cyber risks.

The department said the topics for the cyber security playbooks should include, but are not limited to the following:

  • Physical and logical network segmentation
  • Two-factor authentication
  • Network configuration and monitoring
  • Zero client architecture
  • Cloud computing security
  • Security operations centre
  • Mobile device security
  • Dynamic system defences
  • Data encryption
  • Data-centric security
  • Micro hypervisor technology
  • Application whitelisting

The closing data for submissions in response to the RFI is 11 September 2015.

Read more about critical infrastructure cyber security

  • The critical national infrastructure industry needs secure products from secure suppliers, with secure development lifecycles, say CNI experts.
  • There is a need for cultural change at energy companies to ensure everyone understands the importance of cyber security, says National Grid security manager.
  • For critical infrastructure, a combination of situational awareness and compliance could be the best approach to industrial control system security.
  • Targeted attacks on industrial control systems are the biggest threat to critical national infrastructure, says Kaspersky Lab.

Read more on Hackers and cybercrime prevention

Data Center
Data Management