Part 2 of several to come…
Looking over President Obama’s 10-point action plan, there is no doubt that the key to successfully protecting, deterring, preventing, detecting and defending our digital infrastructure and strategic national assets will be the “playbook” and the “execution of the playbook” by all appropriate individuals.
Step 1 of the 10-point action plan is to appoint a cybersecurity policy official responsible for coordinating the nation’s cybersecurity policies and activities and coordinate with National Security Council and National Economic Council to coordinate interagency development of cybersecurity- related strategy and policy. Sounds like a Head Coach and more to me…
The Head Coach is responsible for the results, which includes coordinating the “playbook” across all positions – offense and defense as well as specialized positions and special teams – to ensure all appropriate personnel understand their specific roles and responsibilities associated with the team’s strategies and policies and activities.
Step 2 of the 10-point action plan is to sign off on an updated national strategy to secure the information and communications infrastructure. This strategy should include continued evaluation of Comprehensive National Cybersecurity Initiative activities and, where appropriate, build on its successes.
Lessons learned in the form of information security breaches, Inspector General Reports, GAO Reports and other reports have clearly shown that the federal government has struggled with:
- Coordinating their “playbook” of policies and strategies
- Updating their “playbook” across multiple entities and individuals
- Accountability at the individual level
- Implementing successes and lessons learned
- Coordinating across department and entity “silos”
From the lessons learned, it would seem obvious that the Head Coach needs to focus on replacing the government’s outdated “status quo playbook” methodologies with “intelligent playbook” solutions that will help to ENSURE the new strategies will be implemented and executed to keep up our information and infrastructure secure….and keep up with the bad guys too.
Stay tuned for part three…