PV Puvvada, president of Unisys’ federal systems business, has said federal chief information officers and other government security professionals should communicate to senior agency heads the measures they are implementing to address cyber risks within their organizations.
Puvvada wrote in a blog post published Monday that there are four elements that should be included in reports to senior government leaders and one of those is a summary of the security strategy with a checklist of all completed steps to address cybersecurity issues.
Reports should also contain a dashboard of security metrics in an effort to communicate the agency’s current security posture, he noted.
He also called on government security officers to list attack threats and controls as well as the top five ongoing and future security vulnerabilities in order to inform leaders about areas that need attention.
“By effectively communicating security strategy and activity to senior most agency leadership, federal security professionals also can lay the groundwork for better communication with members of the general public who are now experiencing a heightened awareness of cybersecurity issues,” said Puvvada, an inductee into Executive Mosaic‘s Wash100 for 2017.
“By doing so, we also can improve public awareness of steps the government is taking to address these issues – as well as how private sector and citizens at large can contribute to those efforts.”