SPECIAL NOTICE
99 -- Cyber Hygiene
- Notice Date
- 2/2/2022 4:47:21 PM
- Notice Type
- Special Notice
- Contracting Office
- OFFICE OF THE CHIEF PROCUREMENT OFFICER
- ZIP Code
- 00000
- Response Due
- 12/31/2022 2:00:00 PM
- Archive Date
- 12/31/2022
- Point of Contact
- OCPO Communications and Industry Liaison
- E-Mail Address
-
DHSIndustryLiaison@hq.dhs.gov
(DHSIndustryLiaison@hq.dhs.gov)
- Description
- Dear Industry Partners,� In 2015,�the Department of Homeland Security (DHS) incorporated Cyber Hygiene clauses into its contracts and agreements to require contractor compliance with certain cyber standards and protections.� In light of events�in recent years, DHS�began a pathfinder effort in Summer of 2021�to advance our process in assessing industry compliance with Cyber Hygiene clause requirements.� DHS�continues to�identify lessons learned and best practices�coming out of�our early pathfinder work�that�illustrated the potential adverse impacts to the diverse small industry base supporting many DHS missions.��Our end goal�remains�to have a means of ensuring a contractor has key cybersecurity and cyber hygiene practices in place as a condition for contract award.�� Following on from the initial�pathfinder assessment�analysis, which indicated a need to gather data on a larger vendor population, we have developed a methodology�to assess a subset of�existing DHS vendors where the HSAR�Class Deviation�15-01 is applicable�based on statistical means.��The assessment of this subset of vendors will take place via information�gathered in�a vendor self-assessment�instrument.�� The self-assessment questionnaire will be released in the coming days to a representative population of DHS HQ vendors with the applicable HSAR Class Deviation 15-01 in one or more of their contracts.� By releasing this questionnaire to our vendors, we expect to establish a statistically viable�assessment of overall cyber hygiene risk across DHS that will guide�continued work�towards an improved cyber posture�and�will�aid in establishing the focus of future�program development, including government-led�assessments.��This process is�again�a critical step in our progress towards�maturing our Cyber-Supply Chain Risk Management (C-SCRM)�program and�protecting the Homeland.� We look forward to continuing to collaborate with you on this matter. Thank you for all you do to support our missions and protect the Homeland.� Sincerely,�� Eric Hysen� Chief Information Officer� Paul Courtney� Chief Procurement Officer��
- Web Link
-
SAM.gov Permalink
(https://sam.gov/opp/90f386b6363d458bbf1a861b8adef57e/view)
- Record
- SN06231031-F 20220204/220202230058 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's SAM Daily Index Page |