Showing 4 ideas for tag "responsibilty"
kudos icon +

1. Addressing Cyber Fundamentals

Cybersecurity is everyone’s responsibility

Although the OPM breach has been the major source of cybersecurity discussion the past few months, it is certainly not the only issue that needs to be addressed. During the panel discussion at the NACo Summit we also covered topics like the White House Cybersecurity Sprint and how to better protect systems and data for long-term security.
If you are not familiar with the 30-day White House Cybersecurity sprint, it is... more »

Voting

6 votes
Public Input
kudos icon +

1. Addressing Cyber Fundamentals

Supported ITAPS recommendations, part 4

Finance and Procurement:

Organizational procurement programs should have clearly defined and communicated priorities, accompanied by clear direction to procurement agents on the procedures to acquire technology consistent with those priorities, resulting in a consistent, predictable, and agile acquisition approach that will result in more secure technology deployments. For example, the Director of the Office of Management... more »

Voting

2 votes
Public Input
kudos icon +

1. Addressing Cyber Fundamentals

We know what's wrong, but do we know what to fix?

Leadership is on the right track when it asks why people and organizations don't do what they're supposed to do. Lessons observed (what we know) aren't converted enough into lessons learned (what we do) to prevent familiar security lapses.

This is true of ALL organizations, not just government, and always boils down to one thing: Behavior. Doing the right thing the right way, or not, is about behavior whether you're... more »

Voting

2 votes
Public Input
kudos icon +

1. Addressing Cyber Fundamentals

Hold agencies accountable to NIST Cybersecurity Framework

The NIST Cybersecurity Framework (CSF) did a great job describing what is needed to have a good cyber security posture, but it leaves you hanging on how do you do it; what are good practices; how do you measure it? To help assess the operational cyber defense posture of Department of Defense (DoD) systems, Office of Secretary of Defense (OSD), Director Operational Test and Evaluation (DOT&E) developed metrics using the... more »

Voting

2 votes
Public Input