Page 79 - FCW, November, December 2018
P. 79

 CYBERSECURITY & MODERNIZATION
establish standards for federal websites to include secure, mobile- friendly interfaces. And in 2017, the Modernizing Government Technology Act authorized a central fund from which agencies could draw to help pay for IT updates.
Furthermore, initiatives such as the Federal Risk and Authorization Management Program (FedRAMP), Trusted Internet Connections, Continuous Diagnostics and Mitigation (CDM) and the National Institute of Standards and Technology’s Cybersecurity Framework remind agencies to consider cybersecurity in the context of new and existing technologies.
For example, to achieve FedRAMP certification, cloud solutions meet certain levels of cybersecurity. The Department of Homeland Security designed CDM to help agencies identify risks on an ongoing basis and then mitigate them according to threat levels. CDM’s new Dynamic and Evolving Federal Enterprise Network Defense series of task orders supports enhanced security for
cloud and mobile technology, a standardized approach to incident response and stronger boundary protections that align with IT modernization efforts.
Building a stronger workforce
There are other signs that the government’s approach to cybersecurity is evolving. In the Trump administration’s fiscal 2019 budget request, White House officials wrote that “although the federal government spends roughly $90 billion annually on IT, these systems remain outdated and poorly protected. The administration will increase
the use of modern technologies, retire highly insecure and outdated systems, and direct modernization cost savings to mission-driven outcomes. The administration will improve its ability to identify and combat cybersecurity risks to agencies’ data, systems and networks.”
One tactic involves strengthening the government’s cybersecurity workforce. In 2017, OPM launched CyberCareers.gov as part of
the Federal Cybersecurity Workforce Strategy to help “build the cybersecurity workforce pipeline as well as recruit, hire, develop and retain top talent,” a press release states.
In addition, DHS runs the National Initiative for Cybersecurity Careers and Studies, which includes the Federal Virtual Training Environment. FedVTE offers free courses on ethical hacking and surveillance, risk management and malware analysis for government employees and veterans who want to become cybersecurity professionals.
In a report released in May, DHS and the Commerce Department called for “immediate and sustained improvements in the country’s cybersecurity workforce,” in part by encouraging the public and private sectors to join forces. The report was prompted by the Trump administration’s 2017 Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.
Given the challenges, it’s not surprising that digital transformation is the top-ranked business priority among government CIOs, according to Gartner. Fortunately, policies and resources are in place to help agencies make the transition.
                                                     $80B
Proposed spending on
IT and cybersecurity in the Trump administration’s fiscal 2019 budget
$100M
Approved by Congress in fiscal 2019 for the new Technology Modernization Fund, from which agencies can borrow to update their IT
$210M
The fiscal 2019 budget request for the Technology Modernization Fund
30,899
Information security incidents reported
by federal agencies in fiscal 2016
$57B-$109B
Estimated cost of malicious cyber activity to the U.S. economy in 2016
       SPONSORED CONTENT | S-79
    Sources: CIO.gov, White House, Heritage Foundation








































































   77   78   79   80   81