The Defense Commissary Agency is looking to hire a rapid-response service available within an hour of any incident that breaches payment systems, threatens cardholder data or otherwise disrupts the agency’s systems, according to a contract put out for bid this month.
The service would be the first to assess any suspected attack against agency networks.
“Typical incidents include the introduction of viruses or worms into a network, DoS (denial of service) attacks, unauthorized alteration of software or hardware, and identity theft of individuals or institutions,” the solicitation states.
DeCA’s move follows a larger trend of government and military-related agencies moving to protect customer data in light of high-profile incidents where it was hacked or lost. The personal details of more than 21 million people were exposed in a 2015 hack of the Office of Personnel Management. The Department of Veterans Affairs has been criticized for its failure to protected sensitive information.