Ok, now we are starting to get into the action points that have a lot more complexity and will absolutely require an “intelligent playbook” and innovative tools to implement appropriate mechanisms, priorities, processes, policies, roles, responsibilities, activities and more across the federal government.
Based on Lessons Learned, Inspector General Reports and a recent May 2009 GAO Report that stated 23 out of 24 major federal agencies had weaknesses in their agencywide information security programs…it is obvious that action point 5 is going to be extremely difficult to implement and manage.
Action Point 5 – Convene appropriate interagency mechanisms to conduct interagency-cleared legal analyses of priority cybersecurity-related issues identified during the policy-development process and formulate coherent unified policy guidance that clarifies roles, responsibilities, and the application of agency authorities for Cybersecurity-related activities across the federal government.
So why is Action Point 5 going to be so difficult to implement and manage?
First, too many Cybersecurity efforts focus too much on Technology products. It will be critical for the Cybersecurity Adviser to realize that a successful Cybersecurity program must include an equal and ongoing focus on Technology, People and Processes.
Take a closer look at Action Point 5 and you will see it is mostly about People and Processes – mechanisms, analyses, issues, processes, guidance, roles, responsibilities, authorities and activities.
Second, most organizations do not have the right “tools”. Organizations need better tools to replace manually intensive methodologies and megaphone management efforts that are well documented as not working. Visionary tools, like MOAT from Awareity, are needed to implement and manage:
- People and Process Controls
- Lessons Learned
- Accountability and Auditability at the Individual Level
- Situational Awareness as Cybersecurity Threats Change…continuously
I hope the new Cybersecurity Adviser calls me!
Stay tuned for action point 6…
