The White House offered a broad outline for the next steps in its federal cybersecurity plan in a blog post published Friday afternoon.
As a follow-up to the Obama administration’s 30-day Cybersecurity Sprint, announced as a result of the Office of Personnel Management (OPM) breach this summer, the newest facet of the ongoing cybersecurity efforts show a more long-term strategy.
While initial attention following the breach of more than 20 million federal employees’ personal records centered mostly on shoring up glaring gaps in security infrastructure, the newest additions to the plan focus on the bigger picture.
Federal CIO Tony Scott wrote in the blog post that the Cybersecurity Strategy Implementation Plan (CSIP) would focus on identification, response and recovery, while leveraging personnel and the effective deployment of new and existing technologies.
“CSIP directs a series of actions to improve capabilities for identifying and detecting vulnerabilities and threats, enhance protections of government assets and information, and further develop robust response and recovery capabilities to ensure readiness and resilience when incidents inevitably occur,” he wrote.
The new strategy comes out of the reported successes seen from the sprint working group. Although the administration is hopeful CSIP will help to reduce cyber-based threats, Scott said the new plan will focus on more effectively managing the threats that cannot be eliminated completely.
“Today, the state of federal cybersecurity is stronger than ever before. Agencies are utilizing significant resources to protect our nation’s critical infrastructure and to improve performance in this critical area,” Scott wrote. “However, there are no one-shot silver bullets. Cyber threats cannot be eliminated entirely, but they can be managed much more effectively. CSIP helps get our current federal house in order, but it does not re-architect the house.”