Strong Cybersecurity Policies

Establishing strong cybersecurity policies requires effort, prioritization, and cooperation to achieve a higher level of safety. Agencies can not only do more to protect people from risks, they can provide additional cyber protection to individuals and to critical infrastructure.

Will Cyber Security Become Automated? – Connected IT Blog

According to companies like Fortinet, because cyber threats can evolve quickly, agencies should support greater collaboration and coordination to establish policy and establish priorities for all areas of cyber-related activities.

The Executive Office for National Drug Control Policy’s Guide to Cybersecurity Governance provides a framework for developing governance principles that effectively meet agency cybersecurity policy needs. It also establishes the federal government’s new cybersecurity priorities.

Because security is a multi-faceted discipline, it is important to have many perspectives in the decision-making process. Every government agency should encourage a healthy dialogue with cyber experts who can provide the advice, guidance, and recommendations that align with their mission and organizational culture.

Policy, Rules, and Regulations

Federal agencies must develop cybersecurity policies, rules, and regulations to ensure that their cybersecurity systems function as designed and that their information systems are secure. These policies, rules, and regulations should include appropriate technology and network protections for their various systems and processes.

Agencies must establish clear policies and guidelines and must implement them promptly. Policy, rule, and regulatory development requires oversight, because agencies must test their implementation and evaluate its performance.

The Cybersecurity Initiative

The Cybersecurity Initiative (CISE) promotes information sharing among federal departments and agencies to protect our nation’s infrastructure, critical infrastructures, and privacy. The initiative focuses on U.S. Government cybersecurity, critical infrastructure, and privacy protection. CISE seeks to support agencies’ “arms-length” operations, while also setting uniform standards for cybersecurity activities. CISE encourages broad participation in the initiative by agencies. It enables and encourages open, iterative development of standards and best practices, while not stifling innovation.