From: anonymous@freezone.remailer
Date: Mon, 2 Oct 95 19:34:19 PDT
To: cypherpunks@toad.com
Subject: SAIC Snags INFOSEC
Message-ID: <199510030234.WAA02732@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.disa.mil/ciss/itsc/docs/brochure.html


   INFOSEC Technical Services Contract The Solution to Your 
Security
   Needs Now!
   
   What is INFOSEC
   
   Information Systems Security (INFOSEC) is defined as the 
protection of
   information systems against unauthorized access to or 
modification of
   information, whether in storage, processing or transit, and 
against
   the denial of service to authorized users or the provision 
of service
   to unauthorized user's, including those measures necessary 
to detect,
   document, and counter such threats. For operations and for 
economic
   efficiencies INFOSEC is an enabling feature. It is the 
discipline that
   protects the integrity, availability, and confidentiality of 
our
   information assets and systems. All information is important 
and
   valuable to its users and requires some level of protection 
from
   unauthorized disclosure (confidentiality), assured access by 
users
   (availability), and protection from unauthorized change 
(integrity).
   We believe that good security is a mission enhancer, not a 
mission
   detractor! Our overall approach to information systems is 
security is
   to PROTECT information using a layered defense based on risk
   management and cost benefit analysis. We must be able to 
monitor all
   our systems and networks in real time to DETECT intrusions 
or hostile
   actions at all levels, and then REACT to isolate the 
systems, correct
   the security breach, restore service to the users, and act 
to prevent
   future attempts.
   
   Center for Information Systems Security
   
   Background
   
   In July 1990, the Assistant Secretary of Defense for 
Command, Control,
   Communications, and Intelligence ASD(C3I), started an 
investigation
   effort for coordinated DOD-level management of defense 
INFOSEC
   initiatives. DCA, now DISA, was designated as the lead 
agency with
   assistance from the National Security Agency (NSA). A 
DISA/Center for
   Information Systems Security (CISS) and NSA plan was 
developed and
   approved for establishment of the Defense Information 
Systems Security
   Program (DISSP).
   
   CISS has its origin in the Defense Information Systems 
Security
   Program (DISSP), a joint DISA/NSA program. Continuing as a 
joint
   program office CISS's mission is to manage, coordinate and 
provide
   direct INFOSEC application support to DOD programs, develop 
standards
   and protocols for INFOSEC and expedite the implementation of 
MLS
   command, control and communications systems for DOD. The 
CISS provides
   a means to fully review, coordinate, and make 
recommendations
   concerning the implementation of policy, architecture, and 
products to
   support DOD objectives.
   
   Mission
   
   The Center for Information Systems Security (CISS) is a 
joint DISA/NSA
   organization charged with executing the centrally managed 
Defensive
   Information Warfare (IW-D) and INFOSEC functions within DOD.
   
   CISS is the focal point for assuring availability, 
integrity, and
   confidentiality of all DII systems and information. We 
provide direct
   support to DOD services and agencies, and define 
requirements for DII
   INFOSEC standards. Additionally, CISS provides central 
coordination
   and reporting response to all DOD INFOSEC incidents, and 
operational
   protection, detection, reaction, and vulnerability analysis 
to the
   DII.
   
   What is the INFOSEC Technical Services Contract?
   
   DISA awarded the INFOSEC Technical Services Contract 
(INFOSEC TSC) on
   12 July 1995 to two large businesses (CSC and SAIC) and one 
small
   business (MERDAN Group, Inc.). CISS, a joint DISA/National 
Security
   Agency (NSA) program, has been chartered to provide INFOSEC 
services
   throughout DoD. INFOSEC support will be provided by CISS
   infrastructure resources with contractual assistance from 
the INFOSEC
   TSC. The primary responsibility of the joint program office 
is to
   assure the effective and coherent application of INFOSEC to 
the
   overall Defense Information Infrastructure (DII).
   
   The contract offers technical support in the areas of:
   
     * INFOSEC Security Policy
     * INFOSEC Requirements Support
     * INFOSEC Architecture and Engineering
     * INFOSEC Independent Validation and Applications 
Verifications
     * INFOSEC Products and Applications DoD Goal Security 
Architecture
       (DGSA)
     * INFOSEC Certification and Accreditation Master 
Transition Plan
     * INFOSEC Technology and Training Documentation, and 
Countermeasures
       Information Dissemination
     * INFOSEC Multilevel Security Technology
     * INFOSEC Technical Managemet and Capabilities Planning 
(TMP)
     * INFOSEC ProfessionalizationProgram and Project 
Management
     * INFOSEC Standards and Protocols
       
   The contract is not a Federal Information Processing (FIP) 
hardware or
   software procurement contract.
   
   All DOD departments and agencies requiring INFOSEC services 
can
   utilize the INFOSEC TSC. The contracts are Indefinite 
Delivery,
   Indefinite Quantity (IDIQ) with individual firm fixed price, 
cost plus
   fixed fee, and time and material Delivery Orders (DOs) 
awarded for
   each requirement. Ceiling on the INFOSEC TSC is $1.095B 
which includes
   authority for other Federal (non-DOD) Agency use of 10% of 
current
   contract value. An additional 10% authority for non-DOD 
federal
   agencies is anticipated from GSA. There will be a 2 percent 
fee
   applied to all Delivery Orders.
   
   Details for submitting requirements are spelled out in the 
"Guide for
   the INFOSEC TSC.
   
   
   Advantages of Using the INFOSEC Technical Services Contract
   
     * Provides contractual assistance in support of INFOSEC 
and INFOWAR
       requirements
     * Provides a means to obtain assistance in addressing 
complex
       systems security issues
     * Provides a high level of expertise to support systems
       certification and accreditation
     * Provides necessary DII/NII security support for DII/NII 
open
       systems architecture
     * Provides hardware and software support for INFOSEC 
prototyping and
       incidental hardware/software required to perform the 
task
       
     
_________________________________________________________________

   
   
   The INFOSEC TSC guide can be obtained from the:
   
   INFOSEC Technical Support Office (ITSO)
   Center for Information Systems Security
   5111 Leesburg Pike, Suite 100
   Falls Church, VA 22041-3201
   
   Attention: Ms. Nanette Chopin
   (703) 681-1331
   ---or---
   Attention: Mr. James Lindou
   (703) 681-1333
   FAX (703)681-1393
   ---or---
   through the World Wide Web at 
http://www.disa.mil/ciss/itso.html.
   
     
_________________________________________________________________

   
   
   SAIC Team Members
   
     * Bell Atlantic
     * Bellcore
     * CTA, Inc.
     * George Mason University
     * Information Security Systems, Inc.
     * JANUS Associates
     * Lockheed Martin
     * MICON Services Company
     * Pailen-Johnson Associates, Inc.
     * Secure Solutions, Inc.
     * Sprint
     * Technautics, Inc.
     * TeleCommunication Systems (TCS)
     * TELOS


   CSC Team Members
   
     * A.B. Floyd
     * Automation Research Systems (ARS), Ltd.
     * Bowie State
     * Computer Associates
     * DEC
     * DMR Group
     * Group Technologies
     * Intermetrics
     * IRE
     * Metters Industry
     * MIS Training Institute
     * Northrop Grumman
     * ORA
     * Oracle
     * RSSI
     * Space Applications Corporation
     * Systems Engineering Solutions, Inc.
     * Sparta
     * Spyrus
     * SRA
     * TASC
     * USATREX
     * Xerox
   
   
   Merdan Group, Inc. Team Members
   
     * Advanced Data Concepts, Inc.
     * Management Technology Strategic Association, Ltd.
       
     
_________________________________________________________________

   
   
   For More Information Contact the INFOSEC Technical Support 
Office
   
   Ms. Nanette Chopin, COR/DPM
   Voice: (703) 681-1331
   Fax: (703) 681-1393
   E-Mail to Ms. Nanette Chopin 
   
   
   Mr. Jim Lindou, ACOR/PM
   Voice: (703) 681-1333
   Fax: (703) 681-1393
   E-Mail to Mr. Jim Lindou 
   
   
   Defense Information Systems Agency
   5111 Leesburg Pike, Suite 100
   Falls Church, Virginia 22041
   
     
_________________________________________________________________

   
    Return to:
    
    CISS TSC Home Page
   DISA CISS Home Page
   DISA Home Page

     
_________________________________________________________________

   
   
   You can mail any questions about these documents to:
   
   Ms. Nanette Chopin 
   
   
   You can mail any questions about the DISA server to:
   
   yorkw@ncr.disa.mil - Last revision: 16 August 1995 
   okonw@ncr.disa.mil
   
   
     
_________________________________________________________________