Common themes in agency cyber risk mitigation
Jeanette Manfra, Assistant Secretary of the Office of Cybersecurity & Communications at the Department of Homeland Security, discusses how agencies are developing their I.T. modernization plans, and why cybersecurity is an important aspect.
Last week, federal I.T. heads reported to Congress to discuss how they were assembling their modernization plans. In the presented plans, a significant focus was placed on maintaining both network and operational security.
“Our primary message is that I.T. modernization and security go hand in hand, and the department has been working very closely with the Office of Management and Budget, the General Services Administration and the White House to ensure that as we modernize our I.T. systems across the government, that we also modernize our governance processes, our acquisition processes, and every step of the way we’re taking security into account,” said Jeanette Manfra, Assistant Secretary of the Office of Cybersecurity & Communications at the Department of Homeland Security.
As the agencies work to increase security and mitigate any risks to their systems, their plans all line up toward a few common goals.
“I think a common theme is limited resources, and so they have to make their risk decisions based off the resources that they have,” Manfra told Government Matters. “And we continue to work with OMB and Congress to ensure that they are able to prioritize their cybersecurity spending.”
A bill making its way through Congress would elevate the DHS cybersecurity office and related bureaus into their own agency, on par with the Transportation Security Administration within the department.
“It will not give us new missions or capabilities. Congress has frankly done a really great job legislating in this area and given us a tremendous amount of authorities. I feel a lot of my job right now is actually fully embracing those authorities and building the capabilities that we need to administer those authorities.”