Cyber strategy

GAO Official Calls Out Gaps in US Federal Cyber Strategy

Nick Marinos, a director of information technology and cybersecurity at the Government Accountability Office, said U.S. federal cyber strategies still leaves a lot to be desired even after decades of attempts dating back to the Clinton administration.

Speaking at a Government Executive-hosted event, Marinos stressed that while there have been previous efforts at coalescing some sort of national strategy, the U.S. has yet to reach the point of actually executing a strategy.

According to the GAO official, in addition to following technical guidance from the National Institute of Standards and Technology, agencies should have a big-picture reference as to who’s responsible for what outside of their own operations, Nextgov reported.

Part of the problem, Marinos said, is that the government lacked oversight on whether national strategies are actually being implemented.

A case in point is the Trump administration’s national cyber strategy, which laid out almost 200 specific activities, including who was responsible for said efforts. Despite having a good foundation, Marinos noted that there was a lack of clarity on who is ultimately responsible for checking up on agency compliance.

The Biden administration addressed the need for crucial checks on the backend with the establishment of the Office of the National Cyber Director, Marinos told attendees at the event. However, he said the administration still has to define goals and outcomes for an effective plan.