(ISC)2 has announced a series of recommendations for the recently appointed federal chief information security officer (CISO) to consider in order to keep critical workforce issues at the forefront during the coming year of presidential transition.
The recommendations were delivered directly to Federal CISO Brigadier General (ret.) Gregory Touhill, government officials at the White House and the Office of Personnel Management, as well as other influencers within the federal workforce community, in a letter.
(ISC)2 noted in its 2016 State of Cybersecurity from the Federal Cyber Executive Perspective report that federal security had not improved since the Office of Personnel Management breach. In fact, the survey, of a targeted pool of executive-level government officials and contractors from civilian, military and intelligence agencies, revealed some alarming statistics, including that 59% of respondents believe their agency currently struggles to understand how cyber-attackers could potentially breach their systems.
Another 41% indicated their agency is not aware of where key assets are located, and nearly a third of respondents believe their agencies can’t effectively respond to an incident.
Since then, (ISC)2 met with current and former CISO-level executives to build on those survey outcomes and develop a series of recommended actions for the new federal CISO to consider in order to keep critical workforce issues at the forefront during the coming year of presidential transition.
The specific recommendations address specific recommended actions that address the need to distinguish between and addressing the needs of the cyber vs. general workforce; improving awareness and vigilance across the organization; and effectively addressing the shortage of talent based on the evolving role of the cyber-professional.
“Based on our research, advancing an organization’s security agenda no longer rests upon educating its cyber workforce: rather, it must educate its entire workforce, across all departments, in cyber,” said Dan Waddell, (ISC)² managing director, North America Region, and director for US Government Affairs. “Our goal in delivering these recommendations to Brig. Gen. Touhill is to support workforce prioritization and facilitate dialogue among those in the federal CISO community as critical decisions are being made during the upcoming presidential transition period, and beyond.”
Photo © BeataGFX