Chris DeRusha, a senior cybersecurity advisor in the office of White House Chief Information Officer Tony Scott, said his office will “very soon” issue a Cybersecurity Strategy and Implementation Plan (CSIP) for federal government civilian agencies that will build on efforts to improve agency network security following completion earlier this year of a 30-day “sprint” to boost cyber defenses after disclosure of major hacks of Office of Management and Budget networks.

Speaking today at a meeting of the federally-chartered Information Security and Privacy Advisory Board, Mr. DeRusha said CISP will be a “broad document . . . that is really an action plan” and will cover what agencies can do to improve security over the next six to 12 months.   CSIP, he said, will be presented as  “implementation guidance writ large.”

The plan will focus on familiar goals including promoting better identification and access permissioning for high-value assets, detection and rapid response, rapid recovery following cyber incidents, and employee recruitment and retention, he said.  Federal agency leadership at the deputy secretary level will be involved with implementing CSIP, he added.

“A lot of the stuff you see [in CSIP] won’t surprise you but will make you say, ‘it’s good we are working on that,’” he said.

Speaking of the cyber “sprint” effort earlier this year, Mr. DeRusha said “we got a lot done” including scanning for vulnerabilities, patching critical network vulnerabilities, improving security for high-value assets, deploying threat indicator technologies, and improving network access controls by implementing the use of personal identity verification (PIV) cards.

On the latter task, he said, “there was a lot of progress made in weeding out who had permissions” to access critical networks.  He added that “real challenges still exist at some agencies” regarding use of PIV cards, but that “we are working with agencies on that.”  He did not identify the agencies that were slow to implement the use of PIV cards.

But, he said, federal agencies “are very much paying attention to everything we say,” adding, “I’ve seen a lot of change over the past six months.”

Some agencies have been slow to implement security improvements because of budget constraints, Mr. DeRusha said, adding that “we are weighing that into the calculus.”

He said that approximately 80% of federal agencies – a total which includes numerous smaller agencies – now employ some version of the Einstein security technology on their networks, although some do not need to use the most advanced version. – John Curran, john.curran@wolterskluwer.com

Courtesy TRDaily