MITRE Corp., the operator of Federally-funded R&D centers that aim to help the U.S. government with a host of scientific and tech research issues, is advancing a series of recommendations for congressional action on high-profile cybersecurity issues prior to Senate action beginning Nov. 29 on the FY2022 National Defense Authorization Act (NDAA) which features numerous provisions that would impact Federal cyber defenses.
MITRE’s Center for Data-Driven Policy (CDDP) issued its recommendations for congressional action in late October. They focus on, among other issues:
- Federal Information Security Modernization Act (FISMA) reform;
- Strengthening the roles of Federal cybersecurity leadership including the National Cyber Director and the Federal CIO and CISO;
- The pressing need for Federal IT modernization;
- Adoption of a threat-hunting approach for cybersecurity risk management;
- Promotion of zero trust security architectures;
- Modernization of Cybersecurity and Infrastructure Security Agency (CISA) cyber programs including the Einstein and Continuous Diagnostics and Mitigation (CDM) programs;
- Supply chain security;
- Using FITARA as a model for tracking Federal agency progress on…
