Federal CISO: All Agencies to Participate in Drafting New Cybersecurity Rules

Federal Chief Information Security Officer Chris DeRusha said a whole-of-government approach will be implemented in creating the new governmentwide cybersecurity guidelines required under President Joe Biden’s recent executive order.

Speaking at a CyberScoop-hosted event, DeRusha assured that federal CISOs and chief information officers from all agencies will be involved in drafting every aspect of the guidelines.

The effort will be spearheaded by the Office of Management and Budget, FedScoop reported Tuesday.

The need for new cybersecurity rules was highlighted by recent government cyberattacks, including the SolarWinds hack.

DeRusha, a 2021 Wash100 winner, noted that agencies should have appropriate emergency plans in place to respond to cyberattacks better.

“Agencies need a consistent playbook for senior leaders to work through when an incident like SolarWinds occurs,” he said.

The creation of new cybersecurity rules is one of many mandates included in the May 12 EO. Biden’s directives focus on modernizing federal government cybersecurity, enhancing software supply chain security, removing barriers to sharing threat information, and standardizing the federal government’s playbook for responding to cybersecurity vulnerabilities and incidents.

In addition to the OMB, agencies such as the Cybersecurity and Infrastructure Security Agency, General Services Administration and the FBI were tasked with enacting Biden’s plans.

CISA will play a key role in implementing many of the initiatives, including standardizing contract language for appropriate cybersecurity requirements, developing a federal cloud security strategy, releasing cloud-security technical reference architecture documentation and establishing a collaborative framework for cloud-related cybersecurity and incident response activities.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Join Us Now