By Molly Bernhart Walker
Cybersecurity is one of the Obama Administration’s top five information technology priorities, said Federal Chief Information Officer Steven VanRoekel, while speaking at a Feb. 24 AFECA Bethesda event. He said cybersecurity will be a focus for 2012 and there are “exciting investments” planned for fiscal 2013 that will enhance cybersecurity.
“The president’s budget for 2013 proposes a $769 million increase to support the national cybersecurity division at DHS. One of the parts that I’m most excited about is a little over $200 million to improve governmentwide continuous monitoring, so technology that will allow us to deploy into agencies the ability to do continuous monitoring for malicious activities across those agencies, giving us one view,” said VanRoekel.
During a panel portion of the event, Homeland Security Department CIO Richard Spires said DHS is acting as a “guinea pig” for new continuous monitoring technology. “The last thing we want to do is issue policy and start implementing programs and then go, ‘Well that isn’t really going to work well,'” said Spires.
FedRAMP also has a continuous monitoring requirement, noted Spires. VanRoekel said that FedRAMP and DHS’s continuous monitoring efforts should combine to give a “view across the federal footprint from cloud to on premise.”
A recently-introduced Senate cybersecurity bill pushes so strongly for continuous monitoring across government, it would add a continuous monitoring requirement to the Federal Information Security Management Act of 2002.
VanRoekel said OMB is doing more to hold agencies accountable through metric-based score cards charting cyber compliance on performance.gov. Cybersecurity was added as a “cross agency priority goal” on performance.gov earlier this year, he said. The emphasis on cybersecurity marks a departure from VanRoekel’s predecessor, whose priorities largely centered around coupling cost savings with innovation.
At the unveiling of the Office of Management and Budget’s 25-point plan to reform federal IT, Defense Department CIO Teri Takai urged then-federal CIO Vivek Kundra to “really look at the cybersecurity aspects as important as our innovation and efficiency drives.” Kundra assured Takai that cybersecurity was “baked in” with the 25 goals, even though it was not explicitly stated.
– listen to VanRoekel’s Feb. 24 remarks