Critical Infrastructure Protection and Information Assurance

The objective of this task area is to support the protection of critical infrastructure, assurance of agency information, and operations that protect and defend information and information systems by ensuring confidentiality, integrity, availability, accountability, restoration, authentication, non-repudiation, protection, detection, monitoring, and event react capabilities. A comprehensive, but not limited, sampling of work to be performed under this task area is shown below:

• Cybersecurity
• Critical Infrastructure Asset Identification and Configuration Management Databases
• Information Assurance of Critical Infrastructure
• Risk Management (Vulnerability Assessment and Threat Identification)
• Facility Protection Planning
• Information Systems Security
• Security Operations Center Development and Operations Management
• Application Security
• Disaster Recovery
• Critical Infrastructure Continuity and Contingency Planning
• Incident Response Planning and Execution
• Security Certification and Accreditation
• Training and Awareness Programs
• Exercises and Simulation
• Federal Information Security Management Act (FISMA) Implementation Support
• Health Insurance Portability and Accountability Act Implementation Support
• Cryptographic Support and Services
• Record Management
• Public Key Infrastructure
• Trusted Internet Connections implementation
• Security Review and Analysis of Automated Information Systems
• Identity Management and Assurance
• Intelligent, Automated Data Collection and Analysis
• IT Forensics and eDiscovery