CISA, the US Cybersecurity and Infrastructure Security Agency, has recently released a plan to improve the cyber defenses of federal agencies by aligning their operational capabilities. The plan aims to achieve more synchronized and robust defenses, enhanced communication, and greater agility and resilience within the federal government.
In the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) plan, CISA sets out both “broad organizing concepts for federal cybersecurity” and tactical guidance agencies should implement. The plan covers daily activities and processes that organizations should be using to defend their data and information systems and spans five areas: asset management, vulnerability management, defensible architecture, cyber supply chain risk management, and incident response. It also sets collective security goals for the enterprise and provides a framework for coordinated support and services.
The essential components of FOCAL are solid, but accomplishing a task at this scale could be a challenge when considering the sheer number of tools required, the necessary staff and expertise, and more. Read our perspective as Phosphorus CMO John Vecchi discusses CISA’s federal guidance plan with Dark Reading here.