State Department Intelligence Bureau Releases Unclassified Version of Cybersecurity Strategy

The Department of State’s Bureau of Intelligence and Research has published an unclassified version of its cybersecurity strategy.

INR is a member of the Intelligence Community tasked with providing analyses to State Department policymakers and American diplomats.

One of the four strategic goals in the five-page document is to modernize and automate security tools across systems handling sensitive compartmentalized information.

The effort will involve the transition of security tools in the cloud as well as the deployment of real-time security functions, INR said.

Homeland security officials have previously identified “technical debt” as a major hurdle for agencies transitioning to the modern zero trust security model.

INR added that it will work toward creating modern information technology infrastructure, software, hardware and systems. 

Another objective is to invest in retaining a competent cybersecurity workforce—made up of government employees and contractors—for its Top Secret and SCI environments. 

The last two goals are to establish a comprehensive governance structure for managing cyber risks and to improve engagement with stakeholders. 

INR said that achieving the four requirements will allow it to better manage cybersecurity risks, meet compliance requirements and empower diplomacy.

The bureau said that the cybersecurity strategy is a “living document” that it will update as needed and review every three years.