From: SIGNAL | The Cyber Edge
By Bob Gourley and Jane Melia
***
For those agency heads tasked with ultimate accountability for managing cyber risk under the presidential executive order signed May 11, the good news is that many federal technology leaders are selected because they don’t shy away from challenges. Their approaches hold great promise in improving cybersecurity and reducing digital risk.
These new tech leaders also can benefit from lessons learned following the cybersecurity reawakening after the 2015 Office of Personnel Management (OPM) data breach. That hack gave rise to many initiatives that raised the bar on federal cybersecurity, including a “cybersecurity sprint” to reduce digital risk as quickly as possible. Agencies have noted progress on topics such as multifactor authentication, the Continuous Diagnostics and Mitigation (CDM) program, the use of independent/external verification and validation of security posture, and the use of cybersecurity best practices such as those outlined in the National Institute of Standards and Technology (NIST) Cybersecurity Framework. In fact, last month’s cyber executive order requires that all federal agencies immediately adopt the NIST framework.