The US government has launched a federal Cyber Security Sprint, to dramatically improve security in the wake of recent cyber security incidents.
Announced by US Chief Information Officer, Tony Stott, agencies are required to take immediate steps to ” protect Federal information and assets and improve the resilience of Federal networks”.
Critical steps for agencies include:
- Immediate deployment of indicators provided by the Department of Homeland and Security regarding priority threat actor Techniques, Tactics, and Procedures to scan systems and check logs
- Patching critical vulnerabilities without delay
- Tightening of policies and practices for privileged users
- Dramatically accelerate implementation of multi-factor authentication, especially for privileged users
A Cybersecurity Sprint Team has been established to lead a 30-day review of the Federal Government’s cybersecurity policies, procedures, and practices.
Following the review, “the Federal CIO will create and operationalize a set of action plans and strategies to further address critical cybersecurity priorities and recommend a Federal Civilian Cybersecurity Strategy”, stated the announcement.
The Cybersprint comes in the wake of a major cyber security breach at the Office of Personal Management in June 2015, which saw the breach of up to 4 million of personal records of US federal employees.
Read the Enhancing and Strengthening the Federal Government’s Cybersecurity factsheet.
More information about the Office of Personnel Management Cybersecurity breach.