The Office of Management and Budget (OMB) has issued a memorandum to guide agencies how to advance the adoption of endpoint detection and response (EDR) platforms to help facilitate the detection of cyber vulnerabilities and related threats on federal networks in accordance with the cybersecurity executive order signed in May.
Shalanda Young, acting director of OMB, wrote in the memo published Friday that agencies should provide the Cybersecurity and Infrastructure Security Agency (CISA) access to enterprise EDR deployments within 90 days.
The document calls for CISA to come up with a process for continuous performance monitoring of EDR deployment efforts, provide recommendations to OMB on ways to further advance EDR implementation initiatives and develop a technical reference architecture and maturity model within three months.
CISA should also coordinate with the Chief Information Officer Council to create a playbook of best practices for EDR system deployments within 180 days.
Agencies should carry out an analysis to evaluate the status of EDR capabilities within 120 days and coordinate with CISA on future and current EDR deployments to ensure that the platforms align with the agency’s technical reference architecture.
The memo also directs agencies to work with OMB’s resource management office and their chief financial officers to ensure that they have sufficient resources and personnel to maintain EDR tools and make sure that those systems comply with statistical and privacy policies and laws.
ExecutiveBiz, sister site of GovCon Wire and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.