A cyber handbook for the c-suite exec and rank-and-file fed

data breach (LeoWolfert/ 

Two tech advisory bodies to the government have developed a new guidebook to train and educate federal cybersecurity professionals.

The CISO Handbook, released June 26, is an outgrowth of the recently released President's Management Agenda and its call for agencies to tackle their tech and cybersecurity workforce challenges.

Drafted by the CIO and Chief Information Security Officer Councils, it was designed to appeal both to the C-Suite executive as well as the rank-and-file fed, according to Trey Kennedy, an analyst at the General Services Administration and advisor to the CIO Council.

"The way we wrote the handbook and the way we structured it was really based around plain language….you don't need a deep technical background to understand elements of it," said Kennedy on a June 28 call with reporters.

The document lays out the role that both CISOs and CIOs play in executing out the federal government's cybersecurity mission, outlines best practices around agency risk management and offers guidance around cybersecurity workforce challenges and development, hiring authorities and how to build a team of cyber professionals.

Kennedy said that the councils determined at the outset of the project that with a range of laws and statutory guidance on federal cybersecurity roles already available, agencies would benefit more from an aggregation of best practices from existing resources, such as those offered through National Institute for Standards and Technology's Cybersecurity Framework, the Department of Homeland Security and various presidential executive orders.

"One of the things we consistently heard throughout the councils is that these resources are in various places and when you're onboarding a new employee, it would be really great if there was…a single document [to] say, 'Look, this may not be the totality of the universe, but it gets you that foundational knowledge,'" said Kennedy.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected