The May Cybersecurity Executive Order and the White House’s IT Modernization Report have encouraged agencies to look for ways to use shared services to improve cybersecurity.
The Department of Justice (DOJ) has been looking into using shared services before the push from the White House, giving the agency a head start at shared services centered on cybersecurity for the enterprise.
“Shared services allow IT to broker the best solution from the best provider,” according to DOJ’s Strategic Plan for 2015-2018. “And when needed, IT can provide agile and modular development techniques to build enhanced solutions.”
DOJ recognized that using shared services will bring about cost savings throughout the agency, which will allow more money to be spent on the agency’s mission.
“Shared services allow for the ability to quickly adopt new innovative solutions and enable our components to focus their limited time and resources on unique mission-critical activities,” the plan stated.
DOJ plans to use shared services to protect its classified and unclassified data by developing an enterprise IT shared services catalog that will serve as a “one-stop shop” for accessing information and resources related to DOJ’s IT services. This resource will include assistance for purchasing services and provide transparency through customer ratings and reviews. DOJ will provide chat rooms, blogs, and websites to allow customers to collaborate and share experiences.
DOJ also plans to build an information sharing reference architecture and adopt consistent technical exchange standards to support information sharing between communities and applications.
DOJ’s collection of public data will be made more readily available through a data catalog. The IT department is working to enhance the use of data analytics in order to advance litigation, investigation, forensics, and business capabilities, and use these tools to detect financial fraud and increase its security posture.
The Cybersecurity Executive Order, signed by President Donald Trump in May, said that as part of the imperative to protect Federal networks, agencies should place particular importance on modernizing Federal IT systems, and preference on the use of shared services.
“If we don’t move to secured and shared services, we’re going to be behind the eight ball for a very long time,” said Tom Bossert, Homeland Security adviser to the president.
The White House’s IT Modernization report, released in August, recommended establishing a joint Security Operations Center, which will provide visibility into the state of Federal IT networks, to secure those systems. The center would continue to enable Continuous Diagnostics and Mitigation (CDM) and improve upon it to include security practices for cloud-based services rather than focusing on on-premise data centers.
“Faced with the challenges of increasingly frequent and complex cyber threats and an uncertain budget climate, Information Technology (IT) must adapt and transform to act efficiently, serve in new roles, and enable components to focus their time and resources on unique mission-critical activities,” said Joe Klimavicz, deputy assistant attorney general and CIO of DOJ. “Along with these challenges, we can take advantage of exciting mobile applications and productivity tools. These new technologies promise to spur innovation, improve mission performance, and better support collaboration between the DOJ workforce and our mission partners.”
Cybersecurity leaders from across the public and private sectors will gather at the Symantec Government Symposium on Dec. 5 to discuss shared security services and other critical cyber issues facing agencies today. Registration is still open and free for government attendees.