How should the Census Bureau protect its networks for the next decade?
That’s the prime question posed in a recent request for information from the agency tasked with producing data about the American people and economy. The Census Bureau “believes industry holds the most current and best practices in these areas impacted by cybersecurity and seeks recommendations on how to best acquire the needed industry knowledge and expertise and achieve benefits in accordance with federal requirements,” says the solicitation.
The first online decennial census is currently underway and lawmakers have pushed the agency to embrace more technology for its collection of statistics on the U.S. population. With the embrace of modern technology comes added cyber risks — risks the agency wants industry input on how to solve.
“The [Census Bureau] intends to mature an enterprise cybersecurity program to enable a fully informed risk based approach that considers the complex and diverse technology environment in place across various program offices,” the RFI states.
Protecting population information and its many networks and program offices is required by law and needed for the agency to maintain trust with citizens who it depends on to fill out census questionnaires. The agency has struggled with network protections in the past and wants to set itself on a new course for cybersecurity in the 2020s. The respondents to the RFI would be informing how the agency would both acquire cybersecurity-specific tools and services and general IT equipment.
The Census Bureau’s “intent is to achieve comprehensive visibility of all IT and information assets,” the RFI states.
The agency signaled an intent to contract continuous monitoring services for its network security and “proactive cyber defense.” Penetrative testing across all environments and cyber threat intelligence are also services the agency is interested in incorporating into its cybersecurity strategy, according to the RFI.