The Cybersecurity and Infrastructure Security Agency’s (CISA) Quality Services Management Office (Cyber QSMO) serves as the government marketplace of high-quality cybersecurity services that align with federal requirements while reducing costs. Through the Cyber QSMO, CISA standardizes, markets, and makes available high-quality cybersecurity service offerings and capabilities to our customers. With a long-term vision for modernizing the federal government and improving mission support functions, the Cyber QSMO will include service offerings from commercial providers, along with the services currently offered by our valued federal providers.
The Office of Management and Budget in April 2020 formally designated CISA as the Cybersecurity QSMO, on the one-year anniversary of OMB Memorandum (M) 19-16, Centralized Mission Support Capabilities for the Federal Government. OMB has specifically highlighted the provisioning of Security Operation Center (SOC) services, a Vulnerability Disclosure Management program, and protective Domain Name System (DNS) Resolver services in the formal designation. Please find more information below.
If your organization is interested in a Cyber QSMO listed service offering or becoming a shared service provider, please contact us at QSMO@hq.dhs.gov.
Security Operation Center (SOC) Services
CISA will offer a standardized set of Security Operations Center services based on cybersecurity best practices and designed to improve enterprise-wide visibility, incident discovery, and information sharing for agencies within the Federal Civilian Executive Branch (FCEB).
The wide range of SOC services offered allows for a holistic, tailored security service which includes security operations, cloud-optimized trusted internet connection (TIC), continuous monitoring, integrated advanced threat intelligence, and assessment capabilities from validated federal providers. The service offering enables a suite of capabilities to agencies that will:
- Ensure critical security protections are commensurate with the sensitivity of data to maximize agency benefit;
- Allow visibility across enterprise systems to be aggregated and managed centrally;
- Fill gaps in current agency security programs;
- Improve threat intelligence sharing; and
- Decrease total cost of ownership.
Vulnerability Disclosure Platform
CISA’s Vulnerability Disclosure Platform will help agencies receive vulnerability information from, and collaborate with, the public to improve the security of agency internet-accessible systems. In furtherance of CISA’s Binding Operational Directive (BOD) 20-01, the Platform aims to promote good faith security research, ultimately resulting in improved security and coordinated disclosure across the federal civilian enterprise. This service is expected to launch in Fall 2020.
Protective Domain Name System (DNS) Resolver
DNS, commonly referred to as the “phone book of the internet,” is a critical service that translates domain names people know (e.g. CISA.gov) into the IP addresses computers use to retrieve the content on the internet (e.g. 18.104.22.168). That translation, called “resolution”, can be operated for defensive purposes. If that translation is managed by a trusted partner, it can be used for positive security outcomes, such as neutralizing a malicious site like evil-coronavirus-scam.com by safely redirecting a user headed there.
The CISA service will protect organizations by blocking access to malicious infrastructure: it overrides public DNS records that a combination of public, commercial, and CISA-managed threat feeds has identified as harmful. The service, which will support encrypted DNS resolution, will protect traditional on-premises infrastructure, cloud-based assets, and mobile devices. Stored DNS logs enable insight into and analysis of threat activities that can prevent future threats and help participating entities and CISA respond to cybersecurity incidents.
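The override-and-log behavior described above can be sketched as a resolver policy check. This is an added example, not CISA's implementation: the feed contents, the sinkhole address, and all function names are assumptions constructed for illustration, and the upstream resolver is passed in as a callable.

```python
from dataclasses import dataclass
from typing import Callable, Optional

SINKHOLE_IP = "192.0.2.53"  # assumption: documentation-range address for a safe landing page

# Constructed feeds, named after the three sources the page lists.
FEEDS = {
    "public": {"evil-coronavirus-scam.com"},
    "commercial": {"malware-cdn.example"},
    "cisa-managed": {"Evil-Coronavirus-Scam.com.", "phish.example"},
}

@dataclass(frozen=True)
class Decision:
    qname: str
    action: str                 # "override" or "forward"
    matched: Optional[str]      # blocklist entry that matched, if any
    feeds: tuple                # feeds that listed the matched entry

def normalize(name: str) -> str:
    """Case-fold and drop the root dot so feed entries and queries compare equal."""
    return name.strip().rstrip(".").lower()

def build_blocklist(feeds: dict) -> dict:
    """Merge feeds into {domain: sorted tuple of feed names}."""
    merged = {}
    for feed, domains in feeds.items():
        for d in domains:
            merged.setdefault(normalize(d), set()).add(feed)
    return {d: tuple(sorted(f)) for d, f in merged.items()}

def decide(qname: str, blocklist: dict) -> Decision:
    """Match the query and each parent domain on label boundaries."""
    name = normalize(qname)
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return Decision(name, "override", candidate, blocklist[candidate])
    return Decision(name, "forward", None, ())

def resolve(qname: str, blocklist: dict, upstream: Callable[[str], str], log: list) -> str:
    """Answer with the sinkhole on a match, otherwise ask upstream; log both cases."""
    d = decide(qname, blocklist)
    answer = SINKHOLE_IP if d.action == "override" else upstream(d.qname)
    log.append({"qname": d.qname, "action": d.action, "matched": d.matched,
                "feeds": d.feeds, "answer": answer})
    return answer
```

Matching on label boundaries means a subdomain of a listed name is overridden, while an unrelated name that merely ends with the same characters is forwarded; the log records which feeds drove each override.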
Cyber QSMO Marketplace
With an expected launch in Fall 2020, the Cyber QSMO Marketplace will be the primary gateway to shared cybersecurity services for the FCEB enterprise. When available, this online resource will make it easier for customers to understand available services, access information about providers, and begin the purchasing process.
If you have questions about the now-sunset Information Systems Security Line of Business (ISSLoB) legacy program or federal shared services, please contact us at QSMO@hq.dhs.gov.