INDUSTRY INSIGHT
Operational security drives mission results
What does cybersecurity operational “excellence” look like for federal agencies? Traditionally, cybersecurity has been a compliance-driven activity, with agencies focusing more on complying with regulations — and showing they’ve done so — than actually securing government from operational threats.
Today, the goal is to shift to operational security as the federal government works to modernize IT and improve efficiency. Modernization requires implementing cloud-based applications, but it adds complexity, making cybersecurity compliance even more onerous and confusing. Too often, agencies are left to make individual decisions based on their understanding of compliance as it relates to the cloud. For the mission areas, compliance is often viewed as an obstacle to go around, over or underneath.
The reality is that most agencies are good at compliance (because they’re forced to be), but they must begin to shift their focus to operational security. Against this backdrop, the Federal Risk and Authorization Management Program and the Continuous Diagnostics…
