Schmidt takes charge of cybersecurity priorities

Howard Schmidt, cybersecurity coordinator and special assistant to the president, is taking charge personally of a Cross-Agency Priority Cybersecurity goal to support implementation of the Barack Obama administration’s three key cybersecurity priorities.

Schmidt announced his involvement in a March 30 entry on the White House blog.

The three priority areas are Trusted Internet Connections, continuous monitoring of federal information systems and strong authentication.

TIC consolidates external telecommunications connections, leaving a smaller number of vulnerable connection points that are thereby easier to monitor. Continuous monitoring of federal systems turns cybersecurity into “a dynamic risk mitigation program that provides essential, near real-time security status and remediation, increasing visibility into system operations and helping security personnel make risk-management decisions based on increased situational awareness,” he wrote.

And regarding authentication, Schmidt wrote, “Passwords alone provide little security. Federal smartcard credentials such as PIV (Personnel Identity Verification) and CAC (Common Access Cards) cards provide multi-factor authentication and digital signature and encryption capabilities, authorizing users to access federal information systems with a higher level of assurance.”

Schmidt wrote that his goal is to greatly improve federal agency adoption of the three priorities and other critical cybersecurity capabilities. He wants to see 95 percent utilization of them by the end of 2014.

“Many departments and agencies have been working on these areas for several years, and there has been much progress,” he wrote. “By focusing on these priorities we plan to push adoption past the tipping point of adoption for all federal systems.”

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • Shutterstock imag (by Benjamin Haas): cyber coded team.

    What keeps govtech leaders up at night?

    A joint survey by Grant Thornton and PSC found that IT stakeholders in government fear their own employees and outdated systems the most when it comes to cybersecurity.

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

Reader comments

Tue, Apr 3, 2012 Jason Enfield Kansas

I was in the Marine Corps for 11 years and worked in IA half that time. I am currently dealing with the VA as they are our clients now. I work in a GRC group and believe that migrating over to a private network for our government so that controls can be put in place is Vital and should have been done directly after 911. Information is our most valuable asset after "The American" and control of that should be priority and controlled.

Mon, Apr 2, 2012 Todd

At what point do we simply unplug our national security and critical infrastructure systems from the internet and migrate them over to a private fiber network, making everyting virtually impenetrable? Even if malicious USB keys were left lying around for someone to plug in, if it's not connected to the internet, it cannot report back to the creator of the malware and thus causes no harm in terms of information breach (it could, of course, still disrupt systems ala Stuxnet). Before anyone screams about the "cost" of doing something so simple and nearly full proof, let me just say that if we can drop $1 trillion on unconstitutional Marxist healthcare, then surely we can come up with a few billion to secure our national security networks and water, electrical, etc. networks, right? This is not rocket science folks - and frankly it's embarrassing that our fumbling, bumbling, stumbling, $16-trillion-in-debt-and-climbing federal government can't figure out to simply unplug these systems from the internet and migrate them over to a private network.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group