The Senate’s sergeant-at-arms is seeking industry assistance with insider-threat and privacy assessments for Senate networks, according to an April 6 solicitation.
The SAA wants a vendor to evaluate two aspects of insider threat prevention efforts: SAA’s protection of Senate data, which can include personally identifiable information or health data; and assessment of the SAA cybersecurity department’s procedures to ensure SAA’s data protection efforts can be audited.
“The assessment will also include evaluation and detection of anomalous user behavior that may represent abuse of their administrative privileges,” the solicitation read.
According to the solicitation, the sergeant-at-arms also wants the vendor to help with the Senate’s ability to hunt threats on its networks. The office is looking for a vendor who can “conduct a comprehensive evaluation of network and systems resources for evidence of unwanted activity and cyber-threat actor persistence," the solicitation said.
The Office of the Sergeant at Arms also expects the vendor to perform a cybersecurity resiliency test that focuses on “resiliency to effectively identify, protect, detect, react and recover from the advanced cyber threat,” the notice said.
“The Cybersecurity Department expects relevant, comprehensive and actionable improvement recommendations to refine and continue maturing its cybersecurity defense program,” the solicitation said.
While the solicitation is for insider-threat assessments, the posting comes as Senate staff, and congressional staffers more broadly, work from home amid the new coronavirus pandemic. Telework has highlighted several vulnerabilities in the Zoom videoconferencing platform. According to a tweet from a CNN reporter, the Senate’s sergeant-at-arms sent an alert to Senate offices urging them not to use Zoom.
The Office of the Sergeant at Arms has also posted several open cybersecurity jobs.