Crick Waters
My feedback
2 results found
-
2 votes2 comments · U.S. DOT FY 2024.1 Phase I Pre-Solicitation Q&A » 24-FT2: Cybersecurity – Mitigation of Cybersecurity Failures · Admin →
An error occurred while saving the comment -
6 votes1 comment · U.S. DOT FY 2024.1 Phase I Pre-Solicitation Q&A » 24-FT2: Cybersecurity – Mitigation of Cybersecurity Failures · Admin →
24-FT2: Mitigation of Cybersecurity Failures "requires working with a transit agency" to collect data and analyze the most common failure points.
There are many, many organizations that could claim to be a "transit agency." What is considered a valid "transit agency" for this topic (for 24-FT2: Mitigation of Cybersecurity Failures)?
There are non-transit agency organizations such as CharIN (https://www.charin.global/) that are working with National Labs to catalog and classify "the most common [cybersecurity] failure points;" however, this organization is not a "transit agency."
Is it acceptable for a potential offeror to work with a National Lab or with a non-transit agency organization (e.g., CharIN) to " collect data and analyze the most common failure points?"