ACT-IAC is a unique public-private partnership where government and industry executives are working together to create a more effective, efficient and innovative government. This initiative is seeking innovation solutions to leading cybersecurity challenges.

See Questions Below

How It Works

The Government will benefit from recommendations by industry, government and academia on how to dramatically improve the government’s security posture (short and long term). Following consultations with the Government, ACT-IAC has identified several questions that would provide useful input to addressing this important issue. All interested persons are invited to participate in this process.

Through this initiative, ACT-IAC requests ideas on underutilized or new measures that have real potential to improve the Government’s operational security on a day-to-day basis -- new, plausible action steps that can bear fruitful and positive impact. ACT-IAC seeks a broad array of technical, policy, legal, operational, managerial, acquisition, funding and R&D ideas that collectively could improve federal cybersecurity. Information about specific company products or services is not being requested and will not be included in the final report.

ACT-IAC will report to OMB on information provided through this initiative, as well as key themes based on that information; ultimately, ACT-IAC intends to release a public report on the findings as well. The comment period will close on Friday, September 18. The report to the Federal Chief Information Officer (CIO) and the Federal CIO Council will be submitted by September 30, 2015.

Current Challenges

1. Addressing Cyber Fundamentals

Number of Ideas: 25

How do we move from inconsistent security/privacy protection control approaches to solid fundamentals that address most basic risks faced by agencies? Endorse existing ideas...

View Challenge

2. Business Initiated Vulnerabilities

Number of Ideas: 11

How can agencies sharpen focus on vulnerabilities created by (or exposed by) uninformed business/program users and the array of technology solutions embedded in service delivery that does not account for ...

View Challenge

3. Breach-to-Response Acceleration

Number of Ideas: 14

How can agencies effectively address current time lags with detection of and response to vulnerabilities and threats that will significantly compress breach-to-detection-to-response times? Please include...

View Challenge

4.Adopting a Threat-Aware Proactive Defense

Number of Ideas: 17

How should the government expand beyond its emphasis on perimeter defense and even defense-in-depth, and instead put more relative resources toward combining actionable threat intelligence with robust res...

View Challenge

5. Sharing of Threat Intelligence

Number of Ideas: 10

How can agencies and industry implement and sustain threat data sharing and create a robust, timely and systemic sharing environment (more than just incidents) that can allow agencies to operate collectiv...

View Challenge

6. Solving the Talent Search

Number of Ideas: 27

How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge both within government CISO/CIO and partner organizations and externally from contract...

View Challenge