Federal Chief Information Officer Vivek Kundra announced the release of the new Federal Information Security Management Act guidance, which shifts the focus from traditional paper-based reports to real-time electronic data, as well as outlines how to make cybersecurity efforts more effective.
Kundra wrote in a blog about how the new approach is the result of many months of work by an interagency task force that reached out to agency officials and to the private sector, who then identified best practices and innovative approaches that will improve U.S. cybersecurity efforts.
“In the past, federal agencies spent enormous time and money creating the old paper-based reports,” Kundra said. “The State Department alone, in the past six years, spent $133 million amassing 95,000 pages of security documentation for about 150 major IT systems. This works out to roughly $1,400 per page in reports that were often outdated days within being published.”
In order for the government to focus on the necessary automation and continuous monitoring of the security status of all systems, the Department of Homeland Security will provide operational support to all federal agencies and monitor and report agency progress to ensure the effective implementation of this guidance, Kundra said.
Although it won’t be an easy process, Kundra said federal employees, contractors and the public working together will be key to efficiently leverage the power of technology while respecting the privacy and civil liberties of Americans.