Trending
Federal CISO needsrealpower
In a March 10 letter to President Barack Obama, the Department of Homeland Security’s National Secu- rity Telecommunications Advisory Committee seeks to ensure that the newly created position of federal chief information security officer has the authority to set policy and drive collaboration across government.
Industry experience suggests that “CISOs operate most successfully when they are empowered to work with stakeholders to develop incen- tives and establish penalties to foster implementation of policies and prac- tices,” NSTAC’s letter states.
To that end, the group advises creating an “action-oriented cyber- security council or leadership team that is convened by the CISO.” That group could be a federal community of practice along the lines of the CIO Council.
In an attached policy memo, NSTAC says the CISO must have vis- ibility into the highest-value assets in each agency and recommends an inventory of governmentwide IT and data assets.
In addition, the CISO should seek to prevent security incidents through the mandatory deployment of a plat- form that uses analytics to detect potential attacks and operates on a segmented, zero-trust basis to limit risks to high-value assets.
NSTAC wants to name and shame laggards through regular reviews of departments and agencies. Addition- ally, the group recommends that gov- ernment officials find ways to encour- age agencies to use shared services, common platforms for cybersecu- rity and vendor-managed solutions “to reduce the necessity for depart- ments/agencies to construct their own capabilities.”
— Adam Mazmanian
402 questions were received regarding the final FirstNet
request for proposals
$3B IT modernization fund left outofHousebudgetresolution
In a March 16 hearing to pass the fiscal 2017 budget resolution, the House Bud- get Committee rejected an amendment to provide $3 billion for a revolving IT modernization fund.
“I am greatly disappointed that House Republicans continue to put pol- itics ahead of national security,” Rep. Ted Lieu (D-Calif.), the amendment’s sponsor, said in a statement. “Imple- menting the president’s Cybersecurity National Action Plan by investing $3 billion to fund [upgrades to] legacy sys- tems, which are both hard to secure and expensive to maintain, should be an approach both sides of the aisle can agree on.”
President Barack Obama proposed the $3.1 billion fund in his fiscal 2017 budget request as a way to help agen- cies jump-start efforts to upgrade lega- cy IT to more modern, cloud-based sys- tems. Agencies would pay back into the fund based on the savings they achieve. Officials predict that the fund could
address $12 billion in modernization projects over 10 years.
Lieu and the amendment’s co-spon- sors sought to fund the plan by reduc- ing tax breaks on corporate jet depreci- ation, tax inversions and other frequent targets of Democratic lawmakers.
Committee members approved the $1.07 trillion budget resolution for fis- cal 2017 in a 20-16 vote, but they reject- ed the amendment in a 22-14 vote.
A spokesman told FCW that Lieu will “continue to push for this much- needed funding through the appropria- tions process.”
Lawmakers on both sides of the aisle have expressed skepticism about the fund’s cost and structure. Rep. Will Hurd (R-Texas), chairman of the House Oversight and Government Reform Committee’s IT Subcommittee, told reporters in February that “agencies need to incorporate modernization in their individual budgets.”
— Aisha Chowdhry
SupplyChain_Risk
@DisruptedSupply
@KelmanSteve talks to @schwartz_cio about Continuous Delivery in #GovIT @alwaysbeshipping http://ht.ly/ZBCdx
Reply Retweet Favorite
6:08 AM - 17 Mar 2016
Join the conversation
FCW usesTwitter to break news, field questions and ask our own.
Learn more atTwitter.com/FCWnow.
6 April 15, 2016 FCW.COM