Hello, Guest.!

Barry Duplantis: Five Ways Federal Agencies Can Best Implement CISA Cyber Threat Playbooks

2 mins read

Barry Duplantis, general manager of public sector business and vice president at software company Mattermost, has shared his thoughts on how government agencies can maximize their cybersecurity protections in light of recently released Cybersecurity and Infrastructure Security Agency playbooks.

Duplantis is supportive of both the Biden administration’s cybersecurity Executive Order and the CISA playbooks but says there is a gulf between putting forward these ideas and actually implementing them into daily practice and executable processes.

In a July 12 article published on government technology website FCW, Duplantis lays out five guidelines for taking CISA’s conceptual goals and realizing them.

His suggestions begin with urging agencies to tailor and shape CISA’s guidelines to their own individual needs and systems. Most important in this, Duplantis says, is the creation of digital playbooks and embedding them within a unified incident response architecture wherein information and findings about cyber attacks can be circulated to all contributors and members of an agency. This is preferable, in Duplantis’s view, from a written or physical copy of the playbooks such as the spreadsheets that some agencies still maintain.

By utilizing this widely shared, digitally-accessible and customized playbook, agencies can develop game plans and methods of immediate response in the case of cyber attacks that break down individual peoples’ responsibilities and ensure there is a legible course of action.

Duplantis also proffers agency task orders to use automated keywords, such as ‘#security-critical,’ that can be helpful, especially in a time of emergency. Additionally, he recommends gathering and saving data from various cyber incidents and reviewing them closely in order to make more careful and exacting decisions in the face of similar threats in the future.

Altogether, Duplantis reasons that establishing a cohesive, up-to-date and specialized system for answering to cyber malfeasance will make government agencies more attractive to quality candidates for jobs and generally ensure they are equipped to meet these challenges, which have skyrocketed in regularity in the past couple of years.