A new purchasing collaboration could make buying high-end cybersecurity solutions more economical for state and local government agencies.
Called the Trusted Cyber Security Purchasing Alliance, the conglomerate captures the best prices in security products and services from vendors and then provides those options to state, local, territorial and tribal governments, and related nonprofit entities.
Created by the Center for Internet Security (CIS), a nonprofit organization focused on improving online security, the goal is to combine the purchasing power of the public sector to improve the cybersecurity levels of all participants while making the procurement process easier.
The idea spawned from CIS’ earlier work with state and local governments in 2007, when it helped lower the total cost of encryption technology. According to CIS, the savings and cost avoidance totaled more than $40 million. Although it was more of an ad hoc effort at the time, that framework is now serving as a basis for a more formalized purchasing system.
Will Pelgrin, president and CEO of CIS, said state and local governments’ buying power is huge when aggregated. Similar purchasing structures have been developed in other industries, he said, but it hasn’t been brought together in the cybersecurity world until now.
“All we’re trying to do is be that broker to bring the best price and best value in improving cybersecurity posture to the membership,” he said.
Pelgrin added that the difference between CIS’ Alliance and other purchasing consortia is that this program really isn’t a consortium. Instead of just being a conduit for low prices, CIS is getting feedback from its members on exactly what online security issues they are concerned about and need addressed. The alliance then goes out and solicits the vendors that can provide solutions, whether its technology or training.
It may also allow financially challenged smaller governments to more readily jump on the latest cybersecurity developments and trends.
“We’re identifying the critical needs and then going after the potential solutions to bring them to the table,” Pelgrin said.
While the organization’s membership is a key driver of the effort, being a member isn’t a prerequisite of taking part in the alliance. Any government agency in the U.S. can reap the benefits of the program.
A website for the alliance has yet to launch, but Pelgrin was firm that work on the program’s implementation is moving forward. CIS is in the process of meeting with leading providers of cybersecurity solutions that could be a part of the group.