Government officials predict that though getting all Federal agencies to comply with the recent Cybersecurity Executive Order and the Modernizing Government Technology (MGT) bill will be difficult, the outcomes will be very beneficial for government.
“It’s a good thing, it’s going to be a challenge. It’s going to be a hard, hard challenge to get 17 agencies to agree on a single way to do something,” said Jeff Maille, deputy director of the Insider Threat Office at the National Geospatial Intelligence Agency, in a panel at the IBM Government Analytics Forum on June 1.
Maille and other panelists applauded recent Federal IT efforts for their potential to address important cybersecurity problems in the government.
Matt Olsen, president of business development at IronNet Cybersecurity, and former director of the National Counterterrorism Center, said that he thinks the executive order will help improve cyber information sharing between the public and private sectors, which has traditionally been less effective than terrorism information sharing.
“Having been in the terrorism side, the authority has been well established in terms of collecting information: the Federal government primarily responsible, along with state and local government, collecting information relevant to the terrorism threats and then sharing that information. What you see when you get to the cybersecurity side is a much higher degree of challenge in a fundamental problem of sharing information that’s largely collected in the private sector,” said Olsen.
“The new executive order I think helps to emphasize that public-private partnership more, mandating further studies to be done. But I still think there’s a fundamental challenge in getting the Federal government information that it can use to help mitigate threats.”
Olsen added that Federal intelligence agencies need to get better at quickly sharing threat information with victims in the private sector.
Brian Done, deputy chief technology officer and chief data architect for the Office of Cybersecurity and Communications for the Department of Homeland Security, said that the executive order’s emphasis on agency leadership’s responsibility for cybersecurity will help put important cyber issues at the forefront.
“If you look at the executive order, it helps the department/agency head further understand that it is their responsibility, associated with cybersecurity,” said Done. “It’s a game changer.”
Done and the other panelists also applauded the potential effects the MGT Act’s modernization funds and executive order’s emphasis on shared services will have on Federal procurement.
“On the procurement side, I think it remains a real challenge,” said Olsen, calling Federal procurement a “tedious process that’s really a disincentive to work with the Federal government.”
However, Done said that the two documents could work to solve the isolation many agencies experience in trying to procure IT services.
“I think it’s a great opportunity for the departments and agencies,” said Done, explaining that currently agencies are responsible for their own missions and procurements, and these documents enable agencies to work with each other to leverage what others have already done.