During National Cybersecurity Awareness Month, we recognize that malicious cyber actors seek to compromise federal information systems and data in order to steal information the government holds on behalf of and about the American people. While the number of cybersecurity incidents at Federal agencies decreased by 12% in FY 2018, Federal agencies must continue to increase their cybersecurity posture.
One year ago, the President signed the National Cyber Strategy, which established priority actions to bolster the safety and security of the American people in cyberspace. The strategy emphasized that the United States Government, private industry, and the public must take immediate and decisive actions to strengthen cybersecurity. In the past year, the Federal Government has advanced multiple initiatives to protect federal information systems and data, including the:
Creation of the first lead civilian cybersecurity agency charged with protecting federal networks and sharing information with federal, state, local, and private partners to enable our collective defense.
Implementation of the SECURE Technology Act, which, based on an Administration proposal, creates a unified, whole-of-government approach to protecting federal systems from supply chain risks. The law establishes a Federal Acquisition Security Council within the executive branch to manage the mitigation of vulnerabilities in the government’s technology supply chain. Additionally, under the law, agencies are empowered to mitigate supply chain risks by excluding vendors, products, and services when justified, among other critical actions.
Advancement of new policy on America’s Cybersecurity Workforce that recognizes the critical role of all cybersecurity practitioners and reduces barriers to rapid and sustained growth. This established the President’s Cup, a national cyber competition aiming to identify, recognize, and reward the best cybersecurity talent in the federal executive workforce.
Updates to the Trusted Internet Connections policy, which provides an agile approach allowing agencies to leverage Cloud technologies in a secure manner.
The Federal Chief Information Security Officer Council is promoting four themes to the federal workforce during Cybersecurity Awareness Month. The themes are:
- Mobile Device Security;
- Wi-fi Hotspots and Traveling;
- Phishing; and
- Home Security for Teleworking.
Each week CIO.gov will host a video and information on a new theme.
Cybersecurity is also a critical element of our personal lives, and I encourage everyone to build their cybersecurity awareness and use available resources to protect their agencies, their families, and themselves. This year the message for National Cybersecurity Awareness Month is “Own IT, Secure IT, Protect IT” and focuses on protecting citizen privacy, consumer devices, and e-commerce.