Editor’s Note: OMB’s complete FISMA Annual Report is available here. Below is a brief excerpt
A. OMB’S ROLE IN FEDERAL CYBERSECURITY
In accordance with FISMA Section 3553, OMB is responsible for the oversight of Federal agencies’ information security policies and practices. While agencies share the responsibility for Federal
cybersecurity, the need for coordination across the Federal Government has grown in order to keep pace with increasing threats. Accordingly, OMB works to ensure that agencies are equipped with the proper
tools and processes needed to enhance their cybersecurity capabilities. In FY 2015, OMB established the OMB Cyber and National Security Unit (OMB Cyber) within the Office of the Federal Chief Information
Officer (OFCIO)1 to expand its oversight of agency cybersecurity practices. OMB Cyber works to strengthen Federal cybersecurity through:
- Data-driven, risk-based oversight of agency and government-wide cybersecurity programs;
- Issuance and implementation of Federal policies to address emerging IT security risks; and,
- Oversight of the government-wide response to major incidents and vulnerabilities to reduce adverse impact on the Federal Government.
During FY 2015, OMB Cyber, in close coordination with NSC and DHS’s National Protection and Programs Directorate, accelerated the adoption of Administration priorities through direct engagements
with agency leadership and government-wide initiatives to address known cybersecurity gaps. The subsections below detail these activities and OMB Cyber’s ongoing work to oversee and improve Federal
agencies’ cybersecurity performance.
Leave a Reply