July 16, 2015
Nation’s Cybersecurity Upgraded with New Practices and Standards
Protected consumers.
Since 2011, the Administration has worked to make online transactions more secure for business and consumers alike. In implementing the National Strategy for Trusted Identities in Cyberspace (NSTIC), the Department of Commerce has worked with thousands of stakeholders to jump-start an identity ecosystem, providing consumers with more secure, convenient, and privacy-enhancing experiences on the Internet.
Enhanced Federal cybersecurity
Accelerated efforts to increase security on federal networks — last month, the Federal Chief Information Officer launched a 30-day Cybersecurity Sprint to accelerate progress made on enhancing the Federal Government’s cybersecurity. The Sprint’s preliminary reporting shows great progress in Federal agency efforts to further protect information and assets, and improve the resilience of federal networks, including: patching critical vulnerabilities, leveraging tools to block high-risk indicators, tightening access for privileged users, and increasing the use of multi-factor authentication.
Increased Cyber Emphasis Government-wide under the Federal Chief Information Officer
The Federal CIO has established a dedicated cyber team, E-Gov Cyber, to enhance oversight of agency and government-wide cybersecurity programs; and work with key federal cybersecurity stakeholders to ensure federal cybersecurity receive the heightened level of attention, oversight, and management deserving of a national security priority. As of June 2015, E-Gov Cyber has led government-wide incident response actions to rapidly mitigate new vulnerabilities, such as Heartbleed; accelerated assessments of agency’s cybersecurity program and defenses, by over 200 percent from the previous year; and established a new, on-going critical vulnerability scanning program for public facing web sites across the government.
Adopted more secure technologies
Later this summer, the Administration will release new strategies and policies to help agencies secure their networks. These policies will include a Federal Cybersecurity Civilian Strategy and guidance to improve cybersecurity protections in Federal acquisitions. From the development of additional shared services to the faster acquisition of the most current cybersecurity technologies, this guidance will further empower federal agencies to modernize their IT systems and utilize the latest cybersecurity tools.
Deployed new capabilities
In order to provide federal agencies with better capabilities to monitor their systems and combat cyber-threats, DHS is accelerating the deployment of two initiatives. For example, DHS is accelerating deployment of the EINSTEIN 3A intrusion prevention system across the Federal Civilian Government. EINSTEIN 3A detects and blocks cybersecurity threats before they can impact Federal agencies. The system now covers 15 federal civilian executive branch departments and agencies, a 20 percent increase over the past 9 months. DHS will award a contract to provide EINSTEIN 3A for all federal civilian agencies by the end of 2015.