CISA Seeks Extra Email Protection

The United States’ Cybersecurity and Infrastructure Security Agency (CISA) is exploring a protective email service (PES) that can be used to make Federal Civilian Executive Branch (FCEB) email safer. 

In October 2017, the Department of Homeland Security took action against the spoofing of domains and organizations by mandating DMARC or domain-based message authentication, reporting and conformance standards by all federal agencies in its Binding Operational Directive 18-01

Now, CISA is asking the cybersecurity industry for feedback on ways to bolster protective email services through threat hunting and incident response. 

Through independent agency the General Services Administration, CISA has released a request for information (RFI) to discover the protective email service capabilities among vendors. 

“One of CISA’s key missions is to protect federal networks and protect the Federal Civilian Executive Branch (FCEB) .gov domain enterprise from threats while strengthening cyber-defenses. To that end, CISA is exploring a Protective Email Service (PES) to execute its mission to protect FCEB email traffic and to conduct threat hunting and incident response,” states CISA in its RFI. 

The objectives of the PES include detecting and preventing federal enterprise email from being used as a vector for malicious threat actors against itself and non-federal entities and the ability to leverage CISA’s and FCEB entity data holdings in cyber-investigation, prevention, mitigation and incident response activities.

The request details three potential approaches to email shielding services along with a set of core and general capabilities. Vendors are asked to outline the risks they face and what they are doing to make email safer and share recommendations. 

“Feedback will assist the government in refining solution design, use cases, and functional requirements, provide insight into scalability of the potential service(s), assist the government in determining industry segmentation by capability and size, and provide insights into the current offerings of PES the federal and corporate landscape in developing a potential acquisition strategy,” stated CISA.

Questions about the RFI must be submitted by 2 pm EST on December 1. The deadline for responses to the RFI is 2 pm EST on December 20.

What’s Hot on Infosecurity Magazine?