ITAPS recommends vast changes to federal cybersecurity policy
- By Sean Lyngaas
- Aug 03, 2015
After the unprecedented breaches of the Office of the Personnel Management exposed the personal information of some 22 million people, the Obama administration turned to industry for ideas for shoring up federal cybersecurity. The Information Technology Industry Council’s public sector division offered a slew of ideas Aug. 3, including establishing a permanent position that directs cyber activities across the government.
The feedback, which came from experts at 20 tech firms, including IBM, Microsoft and Oracle, said that the government’s 30-day “cybersecurity sprint” to shore up vulnerabilities “manifests the sense of urgency that should be core to the cybersecurity culture and approach.”
The Information Technology Alliance for Public Sector recommended separating the functions of agency chief information security officers from chief information officers, setting up a means for CISOs to send their security concerns directly to agency heads, and making IT security part of performance reviews for government employees and contractors.
On recruitment, ITAPS recommended the government tout that its networks are under siege and pose “unique security challenges.” Like the Department of Homeland Security, other agencies should look for pay incentives to recruit and retain cyber talent, the report said.
The ITAPS recommendations also recognized that the clock is running out on an administration that has prioritized cybersecurity while responding to a series of large hacks of federal agencies. “Urgently identify and prioritize protection of … all vulnerable systems, updating to more secure configurations before reconnection,” the report advised.
Cybersecurity “can no longer be viewed as an isolated issue. It should be a top priority government wide,” Trey Hodgkins, ITAPS’ senior vice president for public sector, said in a statement.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.