Cybersecurity
Priority Overview
Our Nation's security and economic prosperity depend on the stability and integrity of our Federal communications and information infrastructure. Threats to cyberspace pose some of the most serious challenges of the 21st century for the United States. The President has made strengthening the Nation's cybersecurity a priority from the outset of this Administration.
In May 2017, the President signed Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, which concentrates on IT modernization and cybersecurity risk management. Executive Order 13800 reinforces the Federal Information Security Modernization Act by holding agency heads accountable for managing cybersecurity risks to their enterprises. It requires each agency to assess its cybersecurity risks and submit a plan to OMB detailing actions to implement the NIST Cybersecurity Framework.
Why This Matters to the CIO Council
To address the threats posed on our nation's cybersecurity defenses, the Federal Government must continue to advance technical and policy protection capabilities for national systems. We must also expand partnerships with the private sector and work with Congress to clarify roles and responsibilities.
The CIO Council, and the Chief Information Security Officers Council, leverage FISMA quarterly reporting and agency cybersecurity budget enhancements to meet the key Federal cybersecurity priorities across the enterprise. These include: Increasing Cyber Threat Awareness, Standardizing Cyber and IT Capabilities, and Driving Agency Accountability. OMB and the Department of Homeland Security continue to improve FISMA oversight and execution to enable better cybersecurity risk management within individual agencies and across the Federal government
Incident Response Resources Repository
FISMA requires that the Office of Management and Budget (OMB) oversee Federal agency information security policies and practices, which includes coordinating with Federal agencies on cybersecurity incidents or operational events that might impact our nation's security posture. OMB launched an Incident Response Resources Repository to support agencies in defining cybersecurity incident classification, outlining reporting guidance and procedures, and providing general resources for cybersecurity incidents.
Latest News
AI Transparency Listening Session with the White House Office of Management and Budget
The White House Office of Management and Budget (OMB) is leading a series of listening sessions to learn more from industry about their approaches to AI transparency and auditable risk management.
AI in Action: 5 Essential Findings from the 2024 Federal AI Use Case Inventory
This year, agencies publicly reported more than 1,700 ways they are using Artificial Intelligence (AI) to advance their missions and deliver better experiences to the public.
CISO Council and CDO Council Release Joint Guide on Federal Zero Trust Data Security
Today, the CISO Council and CDO Council released the Federal Zero Trust (ZT) Data Security Guide, a first-of-its-kind document and key deliverable of OMB M-22-09, Moving the U.S. Government Towards Zero Trust Cybersecurity Principles. M-22-09 charged the Federal CDO Council and Federal CISO Council to convene a cross-agency working group of data and security experts to develop a data security guide for Federal agencies.