Agencies get cyberattack guidance

CIO Council memo

The CIO Council and the Office of Management and Budget issued guidelines this week directing agencies to coordinate cyberattack reports and warnings with the Federal Computer Incident Response Capability.

The memorandum details the processes that agencies should follow to improve coordination and interaction with FedCIRC at the General Services Administration.

The memo requires agencies to:

* Report externally generated security incidents to FedCIRC.

* Make sure alerts and warnings from FedCIRC are received by the appropriate people at each agency.

* Acknowledge, when necessary, that they received the FedCIRC messages and explain the corrective actions taken.

The memo was signed by Sally Katzen, chairwoman of the CIO Council and deputy director for management at OMB, and Jim Flyzik, vice chairman of the council and CIO of the Treasury Department.

The CIO Council's Security, Privacy and Critical Infrastructure committee developed the memo with OMB, GSA and agencies throughout government. It comes in the wake of the problems with the reporting and response processes that were highlighted by e-mail viruses earlier this year.

When the "love bug" hit in May, agencies and FedCIRC found themselves struggling to get out warnings and put protections in place, and the General Accounting Office testified before Congress that better information sharing procedures are needed.

By coordinating with FedCIRC, agencies will be able to improve security not only for themselves, but also for other agencies. "When faced with security incidents, an agency should respond in a manner that both protects its own information assets and helps other organizations that might also be affected," the memo states.

The memo includes a table indicating three levels of agency contact information for FedCIRC, including the agency CIO and the security manager or system administrator for the agency's headquarters and offices. OMB asked agencies to send contact information to FedCIRC by the end of October.

It also lists the type of information that should be shared between agencies and FedCIRC and when the sharing should occur.
