Federal News Radio polled current and former federal cybersecurity experts for their opinion on what were the most significant cybersecurity accomplishments since 2006 to secure federal networks and improve public-private partnerships. The list below blends suggestions of more than 10 authorities on federal cybersecurity. The accomplishments are in no particular order.
Comprehensive National Cybersecurity Initiative
— The White House developed the Comprehensive National Cybersecurity Initiative (CNCI) in 2008 — including the Trusted Internet Connections (TIC) Initiative and Einstein 3 intrusion detection and prevention program. It was the first governmentwide policy to address the threats and challenges in cyberspace.
— DoD created the Defense Industrial Base pilot to enhance the security of the defense supply chain. It also put the Defense Cyber Crime Center (DC3) on the map as the DIB front door helping to fuse DC3’s forensics capability with the National Counter Intelligence Center and the law enforcement community.
— The creation of the position in the White House and within both the National Security Council and National Economic Council was a recognition of both the importance of cybersecurity and the threat the nation faces. It also lifted cybersecurity to become an issue most senior managers recognized as important.
— DoD, the intelligence community and the National Institute of Standards and Technology worked together to interlock policies to create the national risk management framework. The special publication also showed how the government and private sector could collaborate on security controls.
— The State Department demonstrated how it could monitor its networks in near-real time and increase their security. For instance, State performed world-wide patching of the Google security vulnerability within days. Agencies also are submitting data feeds about the status of their networks to cyberscope.
Consensus Audit Guidelines
— Public and private sector experts agreed upon the 20 steps that agencies and organizations can take immediately to close up holes in their networks and systems. The guidelines were drawn, in part, from the Air Force’s creation of a standardized desktop configuration. State also showed the guidelines reduced its measured security risk by more than 94 percent through the automation and measurement of the controls.
DHS Responsibility Grows
— The Office of Management and Budget transferred the operational authority of the Federal Information Management Act (FISMA) to DHS in July 2010. DHS now has a more active role in FISMA oversight, will implement continuous monitoring, and uses blue and red teams to ensure agency networks are secured. Additionally, DHS established the National Cybersecurity and Communications Integration Center (NCIC) in 2009 as a coordinated watch and warning center to address threats to the nation’s critical infrastructure.
National Level Cybersecurity Exercise
— DHS held the first cyber storm in February 2006 and three more since to prepare federal, state, local and private sector organizations for the possibility of a cyber attack or other cyber problem. It also has helped senior officials better grasp the implications of a cyber attack.