The Cybersecurity and Infrastructure Security Agency is launching the Federal Enterprise Operations Cyber Alignment Plan to enable federal agencies to discuss and share information on cyber incidents, issues and approaches and develop a unified strategy to address such issues, Federal News Network reported Wednesday.
“The concept of alignment is an important shift in the way that we’re approaching this,” said Michael Duffy, associate director of the cybersecurity division at CISA.
“We designed an operational cyber enterprise plan, which identified all of the areas that we think the federal government, as an enterprise, should be focusing on improvement actions. We had fantastic feedback from [chief information security officers] and agency teams,” he elaborated.
Duffy noted the known exploited vulnerabilities catalog as something agencies should monitor and shared his thoughts on the federal zero trust managers community of practice, which he called “an important step forward for CISA.”
“We’ve coupled that with a training program where we are able to provide a standard baseline of understanding for these zero trust managers so they can go into these conversations using the same terminology, using the same approaches, and applying the same tricks of the trade, the way that the zero trust managers are considering this challenge at the enterprise level,” he said of the group.
Duffy also mentioned the agency’s progress with the mobile app vetting service, which can pinpoint app vulnerabilities and risks and supports risk-based decision making.
Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts, government and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector. Register here.