A plan to align operational cybersecurity priorities for more than 100 federal agencies has been published by America’s Cyber Defense Agency, or to be more formal the Cybersecurity and Infrastructure Security Agency. The plan is designed to reduce cybersecurity risk to federal civilian executive branch agencies, covering everything from supply chain management to incident response. Given that cybercriminals are not adverse to targeting such agencies when it comes to ransomware attacks, and state-sponsored threat actors obviously have them in the crosshairs, this is a long overdue move.
What Is The Federal Civilian Executive Branch Cybersecurity Alignment Plan?
The federal civilian executive branch cybersecurity alignment plan has been introduced by CISA, which is responsible as the operational lead for federal cybersecurity issues, with the aim of guiding and coordinating support for agencies, advancing specific priorities and aligning defense capabilities.
The FOCAL plan will apply to more than 100 FCEB agencies, including the likes of the Defense Nuclear Facilities Safety Board, Department of Energy, Department of Homeland Security, Department of the Treasury and Election Assistance Commission. A complete list of the agencies is available at the CISA site.
Given that each of the FCEB agencies has a totally unique mission, complete with its own autonomous networks and system architectures, it introduces a distinct nature to the cyber risk tolerance of each as well as the strategies employed to minimize that risk. As you can imagine, this makes it harder to ensure that collectively they are properly employing the right components of a mature operational cybersecurity posture.
When announcing the FOCAL plan, CISA was keen to emphasize that a collective approach to cybersecurity can reduce risk across the entire portfolio of agencies as well as each on an individual basis. Indeed, the basis behind the introduction of the plane, apart from helping to make America secure, is to “align collective operational defense capabilities across the federal enterprise,” CISA said.
The Five Steps Needed To Make America (Cyber) Secure Again
While no plan can hope to provide an end result of 100% security, because such a guarantee is impossible, the plan recognizes this and is instead designed to focus resources on the actions that can be taken to advance operational cybersecurity improvements.
With this in mind, the FOCAL plan has five areas of priority that align with the agencies’ own metrics and reporting requirements.
- Asset management so as to comprehensively understand the cyber environment for each agency, which includes both the operational terrain and interconnected assets.
- Vulnerability management to proactively protect agency enterprise attack surfaces and aid in the assessment of their defensive capabilities.
- Defensible architecture is required to design a cyber-infrastructure that recognizes security incidents will occur; it’s not a maybe-sometime scenario, and so resilience needs to be built in.
- Cyber supply chain risk management is needed now more than ever; it’s not just physical supply chains that present risk at a nation-state level. Such management needs to be able to identify and mitigate risks from third parties to federal IR environments in a timely manner.
- Incident detection and response must be improved so that the ability of Security Operations Centers to detect, respond to and limit the impact of security incidents is as up-to-date as possible.
“Federal government data and systems interconnect and are always a target for our adversaries,” CISA executive assistant director for Cybersecurity, Jeff Greene, said, “FCEB agencies need to confront this threat in a unified manner and reduce risk proactively.” The above action points will guide those agencies toward effective operation cybersecurity processes as well as building resilience, Greene said, concluding “CISA is modernizing federal agency cybersecurity.”
