Interagency Collaboration Jumpstarts Cybersecurity Modernization
In the past year, agencies have cooperated on national security and security policy.
IT modernization is one of the foremost initiatives across the federal government, and cybersecurity is proving to be a key component in that initiative.
“Every modernization element is a chance to bring along the best tools in cybersecurity,” said Federal Chief Information Officer Suzette Kent, speaking at the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Summit. “We inherently pick up components that improve our overall security profile.”
Following on from CISA’s formation by law in November of last year, several federal agencies have stood up their own cybersecurity offices and coordination centers, from the Department of Energy’s Cybersecurity, Energy Security, and Emergency Response Office to the National Security Agency’s Cybersecurity Directorate, which officially stands up on October 1.
“Building strong” is the best way to build for the future, emphasized Anne Neuberger, the director of NSA’s Cybersecurity Directorate. Neuberger began her career developing code in the financial sector and recalled when the focus was on releasing code quickly, rather than releasing secure code. Thankfully, she said, she has seen the focus shift towards security in recent years.
In the next 60 days, Neuberger’s plan for the NSA is to “come together” around IT modernization. She plans to examine pilot programs and rapidly scale them, focusing on not just modernization, but on transformation. The United States’ nuclear command and control system is one system that will figure heavily into this transformation initiative. The technology for nuclear command and control has to remain functional and secure for decades, Neuberger said, even “as computing evolves.”
IT modernization and transformation hinge upon interagency collaboration and cooperation, CISA Assistant Director for Cybersecurity Jeanette Manfra said, noting a visible uptick in the level of support between agencies. When it comes to national security, DHS and FBI “are BFFs,” she joked.
Tonya Ugoretz, the deputy assistant director for the FBI’s Cybersecurity Division, agreed. Her division thinks about its role in “a constellation of entities” she said, which “requires a blend of mission, authorities, and capabilities” to tackle emerging challenges in cybersecurity. Increased sustained collaboration is the next step.
“You have to build those trust relationships,” she said, to create a foundation for cooperation. The FBI and Department of Justice’s recent investigations and indictments into attackers have been part of a whole of government defensive effort, she stressed, and the FBI will need partners to bring a full range of defensive tools against cyber threats.
Kent mentioned the new trusted internet connection (TIC) policy as one area where collaboration fostered modernization. The previous policy had not been updated since 2007, she said, and so part of her office’s goal was to implement methods for evaluation so the policy would not grow stale again.
TIC 3.0 represents “an agile approach to policy development,” said Jack Wimer, deputy chief information officer and chief information security officer for the Department of Defense. He recognized the collaboration between Kent’s office and DHS as essential to that approach and an example for how agencies can cooperate going forward.
The Department of Homeland Security’s input was also crucial to ensuring the policy was optimal for both the current and future environment “Don’t be afraid to ask, ‘can we do it better?’” Kent recommended, both for IT transformation across the federal government and as career advice to those in the IT sector. For Kent, that question created pathways to better methods and products throughout her career.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
How Agencies Are Handling Evolving Cybersecurity Challenges
Hear federal cybersecurity experts discuss strategies for staying informed about the latest threats, tools and policies.
30m watch -
The Intersection of Zero Trust and AI in Government
Agencies can modernize cyber hygiene practices to leverage AI while also thwarting bad actors who are taking advantage of it.
21m watch -
Federal Efforts to Secure Data and Build Resiliency
This issue delves into advancements in cyber resiliency within the federal government amid an evergrowing digital world.
16m read -
DHS Tabs Cyber and AI as Innovation R&D Priorities
The agency’s plan utilizes AI to better address future threats, secure critical infrastructure and improve workforce efficiency.
5m read