From sweeping national strategy plans, to billions being budgeted for zero trust, to pushing the private sector for more secure software – those are just some of the big moves that the Federal government is making right now to drive forward its broad cybersecurity agenda.
Here’s a rundown on recent Federal cyber moves that you ought to know more about, with the next big learning and networking opportunity coming on May 17 in Washington, D.C.
The White House is looking to release the implementation plan for its National Cybersecurity Strategy as early as next month. The Office of the National Cyber Director (ONCD) released the strategy in March with multiple focus points – including continuing efforts to improve security in already-regulated critical infrastructure sectors, a high-level goal of shifting more security responsibility onto providers of tech products and services, and a robust focus on using “all tools of national power” to go after attackers. The strategy is poised to be the nation’s most comprehensive cyber directive to date, going well beyond information sharing and public-private partnership.
Federal Chief Information Security Officer Chris DeRusha recently said that the Biden administration is requesting roughly $12 billion in fiscal year (FY) 2024 funding in connection with efforts to roll out zero trust security across the entire government. DeRusha, who also serves as the deputy national cyber director, said that not every cybersecurity investment in an agency is going to be a zero trust investment, but zero trust is about half of the total proposed $12 billion cybersecurity spend for non-defense Federal civilian agencies. Looking government wide, DeRusha said that spending requests related to zero trust security are in the neighborhood of $12 billion for FY2024.
The Cybersecurity and Infrastructure Security Agency (CISA) is turning up the jets on its campaign to require better security in software sold to the government, as dictated by President Biden’s 2021 cybersecurity executive order. Just last week, CISA released for public comment its proposed Secure Software Self-Attestation Common Form that will put software makers on the record that they are following specific security practices CISA is seeking public comment on the form through June 26, with comments to be submitted via the Regulations.gov website.
Interested in finding out more about the cutting edges of cyber policy and implementation?
From zero trust to supply chain security to cloud security to information sharing and more, join us and hear it straight from the Feds running cyber ops at eight agencies and military service branches, along with their private sector partners, at MeriTalk’s Cyber Central – Public-Private Priority on May 17 from 1 p.m. to 5 p.m. at District Winery in Washington, D.C.
If those projects sound like you, then meet us in D.C. on May 17 where the Federal government cyber policy experts will explain how they are getting it done right now at the ONCD, Cybersecurity and Infrastructure Security Agency, U.S. Army, Department of Homeland Security, VA, Department of Energy, Education Department, and Defense Information Systems Agency.