Looks like some amendments have been issued to the RFP for the Nationwide Public Safety Broadband Network. However, so far it does not look like there has been much change to the section on cybersecurity. There appears to be only a line or two changed in the document between the versions.

This last week saw the release of the RFP for the National Public Safety Broadband Network (NPSBN) by the First Responder Network Authority (FirstNet). One whole section of the RFP package was dedicated to cybersecurity.

The RFP laid out a number of concepts that are to be considered critical to the design of the security solution:

• Public Safety Needs
• Dedicated Cybersecurity Program
• Federal Requirements (i.e. FISMA)
• Architecture
• Life-Cycle Process
• Guidance (i.e. Standards Organizations, Industry)
• Systems Engineering
• Risk Management
• Incident Response and Security Operations Center
• Continuous Monitoring and Mitigation Methodology
• Testing and Certification Plan
• Network Management and Configuration Management Policy
• Environmental and Physical Security
• Information Security and Data Sensitivity

Given the nature of the network’s primary user base (public safety), security is an important requirement. The network will be carrying sensitive information subject to a variety of laws including HIPAA. The RFP document does seem to cover requirements to cover most every aspect of the network.

Resources:

First Responder Network Authority. “Solicitation No. D15PS00295 – Section J, Attachment J-10
Cybersecurity” Retrieved from: https://www.fbo.gov/utils/view?id=7d9982dba8e87f697802f846f08601b8