The Office of Management and Budget (OMB) has released a memorandum on the implementation of a cybersecurity strategy for the federal civilian government. The Cybersecurity Strategy and Implementation Plan (CSIP) is the result of the Cybersecurity Sprint initiated by Federal Chief Information Officer Tony Scott.
The Cybersecurity Sprint was a 30-day review of the federal government’s cybersecurity policies, procedures, and practices that was completed earlier this year. The Sprint Team was led by OMB and included representatives from the National Security Council, the Department of Homeland Security, the Department of Defense, and other federal civilian and defense agencies.
CSIP was released October 30, and focuses on five areas:
- Identification and protection of high-value assets and information;
- Timely detection of and rapid response to cyber incidents;
- Rapid recovery from incidents and accelerated adoption of lessons learned during the cyber sprint;
- Recruitment and retention of a highly-skilled cybersecurity workforce; and
- Efficient and effective acquisition and deployment of existing and emerging technologies.
The plan outlines many objectives and actions, including the coordination of OMB, the National Security Council, and the Department of Homeland Security in issuing incident response best practices for use by federal agencies. These best practices will be continuously updates, and will incorporate lessons learned from past cyber incidents to ensure future incidents are mitigated in a consistent and timely manner.
For more information on the Cybersecurity Strategy Implementation Plan, please follow the links below.
M-16-04,Cybersecurity Strategy and Implementation Plan (CSIP) for the Federal Civilian Government
Federal cyber strategy plan released, Federal Times