Cyber Security IDIQ

Washington Metropolitan Area Transit Authority (WMATA) – IT Cyber Security (ITCS)

The Office of IT Cybersecurity (ITCS) is responsible for ensuring that cybersecurity risks are identified, understood, managed, and remediated to a level acceptable to WMATA. Over one million customers travel in the Metro system each day, relying on an increasingly automated transit infrastructure to take them safely to their destinations. Cybersecurity is not only a corporate concern for WMATA, it is a public safety concern. To protect the traveling public, as well as WMATA’s internal operations, ITCS engages in all functional areas of cybersecurity work: Operations, Governance, and Risk Management. Cybersecurity operational activities ensure that there are adequate tools and technology to identify, monitor, and handle cyber threats effectively. The cybersecurity governance program area is aligned with the WMATA General Manager’s strategy and high-level objectives and goals.

The cybersecurity risk management program identifies and mitigates threats through the application of the NIST (National Institute of Standards and Technology) Risk Management Framework. ITCS’ vision is to build and operate the leading cybersecurity program in transportation, holistically protecting its employees and customers. ITCS’ main mission is to advance WMATA’s mission through the collaborative development and adoption of enterprise-wide cybersecurity policies matched by prioritized risk management-based implementation of cybersecurity defenses that both enable outstanding customer operations while balancing risk, resource constraints and the need for innovation, and that are subject to clear and measurable performance goals for securing information resources and systems WMATA-wide.

The following program areas are supported under the three ITCS Directorates of Operations, Governance, and Risk Management: