A majority of cyber programs across the federal government are “at risk,” according to a report released earlier this month by the White House’s Office of Management and Budget, but agencies can take four actions to correct that status.
The Federal Cybersecurity Risk Determination Report and Action Plan, produced by OMB and mandated by a May 2017 executive order on cybersecurity, found that 74 percent of the 96 agencies participating in the risk assessment process had programs that were at moderate or high risk.
“Federal agencies are not equipped to determine how threat actors seek to gain access to their information. The risk assessments show that the lack of threat information results in ineffective allocations of agencies’ limited cyber resources. This situation creates enterprise-wide gaps in network visibility, IT tool and capability standardization and common operating procedures, all of which negatively impact federal cybersecurity,” the report said.
Though agencies face many problems when it comes to cyber risk, the report found four primary categories where agencies struggle:
- Agencies do not understand and do not have the resources to combat the current threat environment.
- Agencies do not have standardized cybersecurity processes and IT capabilities, which impacts their ability to efficiently gain visibility and combat threats.
- Agencies lack visibility into what is happening on their networks, and especially lack the ability to detect data exfiltration.
- Agencies lack standardized and enterprise-wide processes for managing cybersecurity risks.
These problems stemmed from a lack of resources and skilled personnel, as well as poor allocation of available resources to priority issues.
Over the next year, OMB plans to undertake four actions to address each of the problems:
- Increase cybersecurity threat awareness among federal agencies through use of the Cyber Threat Framework to prioritize efforts and manage cybersecurity risks.
- Standardize IT and cybersecurity capabilities to control costs and improve asset management.
- Consolidate agency security operations centers and have larger agencies offer those centers to smaller agencies as a service to improve incident detection and response capabilities.
- Drive accountability across agencies through improved governance processes, recurring risk assessments, and OMB’s engagements with agency leadership.
“In the near term, OMB will take necessary actions to implement the Cybersecurity Threat Framework, standardize IT capabilities and tools, consolidate or migrate SOC operations, and drive accountability for cybersecurity risk management across the enterprise. These actions will help shape agency budgets for FY 2019 and beyond,” the report said.