Despite spending more on defense than any other country in the world, the U.S. is not safe from attack. Specifically, U.S. federal agencies are nowhere near prepared enough to hold back the onslaught of cyberattacks levied against the country every single day. In fact, government officials are beginning to realize the gravity of their current situation.
Beth Cobert, acting director of the Office of Personnel Management, stated that the U.S. government is in desperate need of cybersecurity talent, according to Federal News Radio contributor Nicole Ogrysko. Considering the last director stepped down after the OPM suffered a cyberattack that breached the personal information of 21.5 million people, Cobert's feelings on the matter certainly holds a lot of weight.
Department of Homeland Security recognizes threat
The OPM isn't the only one to understand the problem, either. Jeh Johnson, the Secretary of the Department of Homeland Security, has also gone on record as stating that he doesn't believe current cybersecurity efforts are enough. Although there are many reasons for this, Johnson's main point in a budgetary hearing with Congress was that federal agencies can't attract talented individuals well enough.
"We are competing in a tough marketplace against the private sector, that is in a position to offer a lot more money," Johnson said.
Companies stand to lose a lot of money through data breaches, both due to the actual attack as well as the impending loss of reputation. Therefore, these organizations are willing to throw large sums of cash at talented cybersecurity professionals entering the workplace. This is why Johnson's solution to the problem at hand was to increase federal budgets concerning the security of digital systems. He also wants to increase the number of DHS cybersecurity teams from 10 to 48, according to Federal News Radio contributor Meredith Somers.
On top of that, Johnson isn't alone in believing America's cybersecurity budget needs to be increased. President Obama agreed to put an increase in DHS cyber response teams on his bill, as well as an increase in funding to the Continuous Diagnostic Mitigation program, which is meant to help agencies monitor and respond to cyberthreats. However, President Obama didn't stop there.
A new federal position is born
Along with several other cybersecurity measures, the 2017 Presidential budget also includes the creation of the federal chief information security officer position. This person will have the responsibility of managing cybersecurity strategy on a federal level. Most companies already have someone fulfilling this role, and the only surprising part of this move is the fact that it's taken the government so long.
Exactly what this job will entail obviously remains to be seen, but there are a few challenges already set up for whoever is chosen. First, and perhaps most importantly, the FCISO will have to incentivize cybersecurity talent to work for the government. This person is going to need to campaign for more competitive salaries, as well as benefits that can lure security professionals away from cushy private sector jobs.
After this, they will need to coordinate multiple agencies to ensure the security of federal data. Departments often keep information about other agencies, which can help overall efficiency but can also play right into the hands of cybercriminals. In fact, a hacker breached the Department of Justice's defenses and obtained information about FBI and DHS agents recently, showing that cybersecurity needs to be a collaborative effort between departments.
Although there's still a lot of work to be done, it's clear that government officials are finally understanding what they need to do to ensure national cybersecurity. Only time will tell if the implementation of the FCISO position, along with other security measures, will have a great enough impact to ward off future attacks.