CISA’s New Plan to Better Align Cybersecurity Operations
The Cybersecurity and Infrastructure Security Agency (CISA) is poised to unveil a strategic initiative designed to elevate the collective cybersecurity posture of federal agencies. Dubbed the Federal Enterprise Operations Cyber Alignment Plan, this strategy, slated for implementation in 2024, emphasizes the imperative of fostering collaboration among agencies. By sharing insights from recent cyber incidents and strategies, the plan aims to consolidate efforts towards a unified direction, with a particular focus on enhancing the capabilities of security operations centers’ analysts.
Michael Duffy, CISA’s associate director, stressed the significance of this coordinated approach during his discourse on Federal Monthly Insights – Security Operations Centers. Duffy highlighted, “As we advance into fiscal 2024, it’s crucial for CISA to maintain a strategic vision for the cybersecurity landscape ahead. We invited all federal agencies to review our collective experiences of the past year, discuss the cybersecurity challenges we face, and formulate a comprehensive action plan. The goal is to ensure a cohesive operational strategy moving forward.” The conversation revolved around the recent adjustments in cybersecurity defense operations facilitated by a series of binding operational directives, which mark a considerable shift in how cybersecurity is approached across the federal enterprise.
A key focus for CISA is strengthening collaborations with state, local governments, election officials, and federal partners to manage risks to national infrastructure. The evolution of the Continuous Diagnostics and Mitigation (CDM) dashboard is prioritized to help agencies refine their cybersecurity management strategies. Furthermore, ensuring that agencies utilize a secure baseline for cloud-based workplace and collaboration applications through the Secure Cloud Business Application (SCuBA) initiative remains crucial.
In discussing the core concept of alignment, Duffy mentioned, “The operational cyber enterprise plan we designed specifies areas where the federal government should focus its improvement efforts. We received invaluable input from chief information security officers (CISOs) and agency teams.”
Feedback from a survey conducted among government CISOs shed light on key challenges, notably identifying additional requirements for successful cybersecurity measures within agencies. Duffy elaborated on the necessity for a whole-of-government approach to advance cybersecurity operations beyond the capabilities of a single cybersecurity team.
The survey also highlighted the importance of the Known Exploited Vulnerabilities (KEV) catalog, urging agencies to prioritize vulnerability management to mitigate exploitation risks. Duffy expressed optimism about the progress seen in reducing the number of KEVs across agencies, viewing it as a critical step towards adopting more strategic cybersecurity frameworks like the zero trust model.
CISA’s zero trust strategy provides agencies with a reference model to develop their zero-trust architecture, supporting the creation of implementation plans and solution generation. Duffy emphasized the creation of a federal zero trust managers community of practice, focusing on facilitating meaningful dialogue and peer support to address the challenges of adopting zero trust methodologies.
Additionally, CISA’s mobile app vetting (MAV) service, already assisting 15 agencies, demonstrates promise in identifying app vulnerabilities and aiding agencies in making informed risk-based decisions. This service exemplifies CISA’s commitment to supporting federal agencies in securing their technological environments.
Through these initiatives, CISA envisions a future where federal cybersecurity operations are not only more unified and strategic but also resilient against the ever-evolving threats in the digital landscape. The Federal Enterprise Operations Cyber Alignment Plan represents a significant step toward realizing this vision, leveraging collaboration, and collective intelligence to forge a secure and robust national cybersecurity infrastructure.
