Agencies should prioritize investments leading to ‘designed-for-safe’ technologies, White House says in new budget guidance, also prioritizing ‘performance-based’ regulation, potentially funding new executives in ‘specialized cyber’ to address the new national cybersecurity strategy by providing Hey analysts. “
Guidance released this week outlines the Biden administration’s cyber priorities for the Fiscal Year 2025 budget. The document was signed by OMB Director Shalanda Young and Acting National Cyber Director Kemba.
Agencies should prioritize investments leading to ‘designed-for-safe’ technologies, White House says in new budget guidance, also prioritizing ‘performance-based’ regulation, potentially funding new executives in ‘specialized cyber’ to address the new national cybersecurity strategy by providing Hey analysts. “
Guidance released this week outlines the Biden administration’s cyber priorities for the Fiscal Year 2025 budget. The document was signed by OMB Director Shalanda Young and Acting National Cyber Director Kemba Walden.
This is in line with President Joe Biden’s five pillars. national cyber strategy Announced in March, it begins with a commitment to “defending critical infrastructure.” And for federal agencies focused on modernizing their cyber defenses, the guidance doubles down on efforts under his May 2021 Cybersecurity Executive Order.
“Government investments should lead to durable, long-term solutions that are secure by design,” the guidance states.
similarly Last year’s instruction The White House has directed agencies to show “progress in zero trust deployments” in their budgets.of 2022 Zero Trust Strategy Directed government agencies to achieve a specific goal of establishing a Zero Trust architecture by the end of fiscal year 2024.
The budget submission will “explain efforts to fill gaps in these requirements” and “explain how agencies are investing in people, processes, and technology that will improve agency capabilities in line with the Zero Trust maturity model.” It should be clarified how it will be supported.
Former House Oversight and Reform Committee staffer and current Hettinger Strategic Group Chairman Mike Hettinger applauded the White House’s continued efforts to put Zero Trust principles at the heart of the federal cyber defense plan.
“The full implementation of Zero Trust principles and architectures across government is key to ensuring that agencies can defend against ongoing cyberattacks,” Hettinger said. “From a Congressional funding perspective, it is imperative that Zero Trust cybersecurity remains at the top of our priority list.
This guidance tells government agencies to prioritize modernizing legacy systems. This is a significant concern for institutions looking to apply Zero Trust practices such as anti-phishing multi-factor authentication.
The guidance instructs agencies to “prioritize technology modernization when agency systems are nearing end-of-life or end-of-service.” For high-value and high-value asset systems in which the Federal Information Security Modernization Act cannot be used, the system meets the standards for security and customer experience requirements.”
OMB’s Latest Report on Federal Cybersecurity It details some of the challenges government agencies continue to face in mitigating security vulnerabilities in high-value assets, and the biggest finding in these systems is ‘patch management’.
Former OMB cyber team chief and executive director of the Digital Innovation Alliance, Ross Nodruft, also “usefully” emphasized how the guidance focuses on “building a modern and secure enterprise environment.”
“Government investments in Zero Trust security solutions and moving to more modern cloud-based environments are essential to creating a more robust and scalable environment,” said Nodurft.
Budgeting for critical infrastructure requirements
Meanwhile, the guidance directs government agencies, especially cyber regulators, to “improve basic cybersecurity requirements” as part of budget submissions.
direction comes later Biden’s cyber strategy called for going beyond voluntary cooperation and towards establishing requirements for key parts of critical infrastructure areas.
“The NCS emphasizes rebalancing responsibilities to protect cyberspace so that the most capable and best-positioned actors in cyberspace act as effective stewards of the cyber ecosystem. ‘, the guidance states. “Regulators are strongly encouraged to consult their regulated entities when setting cybersecurity requirements and considering required resources.”
The guidance goes on to say that it should “further enhance performance-based regulation” by ensuring that “current and future requirements leverage existing cybersecurity frameworks and voluntary agreed standards.” there is
Agencies should also plan to establish cyber standards that are “applicable across critical infrastructure areas, yet sufficiently agile to adapt to adversary enhancements and tactical changes,” the guidance said. continues.
Meanwhile, agencies also need to consider “cybersecurity capabilities and capabilities, including personnel to ensure effective enforcement of the regulatory regime.”
Despite its emphasis on a regulatory approach, the guidance does not require sector risk management bodies to have “specialized cyber security agencies capable of operating critical infrastructure and providing proactive information to owners and owners.” It also calls for “increasing the scale of public-private partnerships,” including the possibility of adding “analyst” capabilities to the budget. operator. “
“Such analysts will assess sector needs, improve government processes for intelligence and intelligence analysis, and partner with private sector, state, local, tribal and territorial bodies.” continued the guidance. “Such considerations should be discussed according to a long-term vision to achieve the defined mission and avoid duplication.”
Summarize this content to 100 words
Agencies should prioritize investments leading to ‘designed-for-safe’ technologies, White House says in new budget guidance, also prioritizing ‘performance-based’ regulation, potentially funding new executives in ‘specialized cyber’ to address the new national cybersecurity strategy by providing Hey analysts. ” Guidance released this week outlines the Biden administration’s cyber priorities for the Fiscal Year 2025 budget. The document was signed by OMB Director Shalanda Young and Acting National Cyber Director Kemba.read moreAgencies should prioritize investments leading to ‘designed-for-safe’ technologies, White House says in new budget guidance, also prioritizing ‘performance-based’ regulation, potentially funding new executives in ‘specialized cyber’ to address the new national cybersecurity strategy by providing Hey analysts. ”
Guidance released this week outlines the Biden administration’s cyber priorities for the Fiscal Year 2025 budget. The document was signed by OMB Director Shalanda Young and Acting National Cyber Director Kemba Walden.
This is in line with President Joe Biden’s five pillars. national cyber strategy Announced in March, it begins with a commitment to “defending critical infrastructure.” And for federal agencies focused on modernizing their cyber defenses, the guidance doubles down on efforts under his May 2021 Cybersecurity Executive Order.
“Government investments should lead to durable, long-term solutions that are secure by design,” the guidance states.
similarly Last year’s instruction The White House has directed agencies to show “progress in zero trust deployments” in their budgets.of 2022 Zero Trust Strategy Directed government agencies to achieve a specific goal of establishing a Zero Trust architecture by the end of fiscal year 2024.
The budget submission will “explain efforts to fill gaps in these requirements” and “explain how agencies are investing in people, processes, and technology that will improve agency capabilities in line with the Zero Trust maturity model.” It should be clarified how it will be supported.
Former House Oversight and Reform Committee staffer and current Hettinger Strategic Group Chairman Mike Hettinger applauded the White House’s continued efforts to put Zero Trust principles at the heart of the federal cyber defense plan.
“The full implementation of Zero Trust principles and architectures across government is key to ensuring that agencies can defend against ongoing cyberattacks,” Hettinger said. “From a Congressional funding perspective, it is imperative that Zero Trust cybersecurity remains at the top of our priority list.
This guidance tells government agencies to prioritize modernizing legacy systems. This is a significant concern for institutions looking to apply Zero Trust practices such as anti-phishing multi-factor authentication.
The guidance instructs agencies to “prioritize technology modernization when agency systems are nearing end-of-life or end-of-service.” For high-value and high-value asset systems in which the Federal Information Security Modernization Act cannot be used, the system meets the standards for security and customer experience requirements.”
OMB’s Latest Report on Federal Cybersecurity It details some of the challenges government agencies continue to face in mitigating security vulnerabilities in high-value assets, and the biggest finding in these systems is ‘patch management’.
Former OMB cyber team chief and executive director of the Digital Innovation Alliance, Ross Nodruft, also “usefully” emphasized how the guidance focuses on “building a modern and secure enterprise environment.”
“Government investments in Zero Trust security solutions and moving to more modern cloud-based environments are essential to creating a more robust and scalable environment,” said Nodurft.
Budgeting for critical infrastructure requirements
Meanwhile, the guidance directs government agencies, especially cyber regulators, to “improve basic cybersecurity requirements” as part of budget submissions.
direction comes later Biden’s cyber strategy called for going beyond voluntary cooperation and towards establishing requirements for key parts of critical infrastructure areas.
“The NCS emphasizes rebalancing responsibilities to protect cyberspace so that the most capable and best-positioned actors in cyberspace act as effective stewards of the cyber ecosystem. ‘, the guidance states. “Regulators are strongly encouraged to consult their regulated entities when setting cybersecurity requirements and considering required resources.”
The guidance goes on to say that it should “further enhance performance-based regulation” by ensuring that “current and future requirements leverage existing cybersecurity frameworks and voluntary agreed standards.” there is
Agencies should also plan to establish cyber standards that are “applicable across critical infrastructure areas, yet sufficiently agile to adapt to adversary enhancements and tactical changes,” the guidance said. continues.
Meanwhile, agencies also need to consider “cybersecurity capabilities and capabilities, including personnel to ensure effective enforcement of the regulatory regime.”
Despite its emphasis on a regulatory approach, the guidance does not require sector risk management bodies to have “specialized cyber security agencies capable of operating critical infrastructure and providing proactive information to owners and owners.” It also calls for “increasing the scale of public-private partnerships,” including the possibility of adding “analyst” capabilities to the budget. operator. ”
“Such analysts will assess sector needs, improve government processes for intelligence and intelligence analysis, and partner with private sector, state, local, tribal and territorial bodies.” continued the guidance. “Such considerations should be discussed according to a long-term vision to achieve the defined mission and avoid duplication.”
https://federalnewsnetwork.com/cybersecurity/2023/06/white-house-directs-agencies-to-prioritize-secure-by-design-in-2025-budgets/ White House Tells Agencies to Prioritize ‘Design for Safety’ in 2025 Budget