Shows & Panels
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- American Readiness: Renewable Power and Efficiency Technologies
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal News Radio's National Cyber Security Awareness Month Special Panel Discussion
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- The New Generation of Database
- Reimagining the Next Generation of Government
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Top 10 cyber accomplishments since 2006
Tuesday - 10/23/2012, 1:22pm EDT
Federal News Radio polled current and former federal cybersecurity experts for their opinion on what were the most significant accomplishments since 2006 to secure federal networks and improve public-private partnerships, and what are the biggest and most critical remaining challenges. The lists blend suggestions of more than 10 authorities on federal cybersecurity. The accomplishments are in no particular order.
Comprehensive National Cybersecurity Initiative— The White House developed the Comprehensive National Cybersecurity Initiative (CNCI) in 2008 — including the Trusted Internet Connections (TIC) Initiative and Einstein 3 intrusion detection and prevention program. It was the first governmentwide policy to address the threats and challenges in cyberspace.
U.S. Cyber Command— The Defense Department brought together all of its cyber expertise and resources in command. It also gave the military services a way to coordinate and share data on threats and best practices.
DoD Information Sharing— DoD created the Defense Industrial Base pilot to enhance the security of the defense supply chain. It also put the Defense Cyber Crime Center (DC3) on the map as the DIB front door helping to fuse DC3's forensics capability with the National Counter Intelligence Center and the law enforcement community.
Cyber coordinator— The creation of the position in the White House and within both the National Security Council and National Economic Council was a recognition of both the importance of cybersecurity and the threat the nation faces. It also lifted cybersecurity to become an issue the most senior managers recognized as important.
800-53 Integration— DoD, the intelligence community and the National Institute of Standards and Technology worked together to interlock policies to create the national risk management framework. The special publication also showed how the government and private sector could collaborate on security controls.
Continuous Monitoring— The State Department demonstrated how it could move monitor its networks in near-real time and increase their security. For instance, State performed world- wide patching of the Google security vulnerability within days. Agencies also are submitting data feeds about the status of their networks to cyberscope.
Consensus Audit Guidelines— Public and private sector experts agreed upon the 20 steps that agencies and organizations can take immediately to close up holes in their networks and systems. The guidelines were drawn, in part, from the Air Force's creation of a standardized desktop configuration. State also showed the guidelines reduced its measured security risk by more than 94 percent through the automation and measurement of the controls.
DHS Responsibility Grows— The Office of Management and Budget gave the transferred the operational authority of the Federal Information Management Act (FISMA) to DHS in July 2010. DHS now has a more active role in FISMA oversight, will implement continuous monitoring and uses blue and red teams to ensure agency networks are secured. Additionally, DHS established the National Cybersecurity and Communications Integration Center (NCIC) in 2009 as a coordinated watch and warning center to address threats to the nation's critical infrastructure.
National Level Cybersecurity Exercise— DHS held the first cyber storm in February 2006 and three more since to prepare federal, state, local and private sector organizations for the possibility of a cyber attack or other cyber problem. It also has helped senior officials better grasp the implications of a cyber attack.
Cross Sector Working Group— DHS led the effort to create a group of subject matter experts from 19 private sector critical infrastructure communities to work together to develop and put into use a framework in the National Infrastructure Protection Plan.
This article is part of Federal News Radio's special report, Cybersecurity Rising.
MORE FROM THE SPECIAL REPORT, CYBERSECURITY RISING:
Column: Cyber dominance meaningless without skilled workforce (Rep. Jim Langevin, D-R.I.)
Column: Cyber inaction may be our Achilles' heel (Rep. Mac Thornberry, R-Texas)