Cybersecurity is another area requiring attention. Rod Beckstrom resigned in March as director of the Department of Homeland Security's National Cybersecurity Center, complaining that the National Security Agency was encroaching on his turf. What's more, there's no organizational structure under which federal chief information security officers get together and share policy. And the U.S. Computer Emergency Readiness Team, tasked with coordinating cyberthreat responses, has trouble sharing attack data with agencies that don't have cybersecurity employees with government security clearances.
The Federal Information Systems Management Act, which regulates government cybersecurity procedures, is a step in the right direction, but agencies continue to operate largely independently. Defense agencies, for example, follow different security standards than civilian agencies. "A collection of hierarchical 'stovepipes' is easier to attack and harder to defend because security programs are not of equal strength and stovepiped defenders cannot respond well to a multiagency attack," the Center for Strategic and International Studies warned in a recent report recommending policy changes.
New legislation, White House policy, and a cybersecurity czar should help, but for now, lack of centralized leadership has hindered information sharing on vulnerabilities and led to uncertainty about government security policy. Across government, much remains to be done in opening up data silos.
Photo by Getty Images
For more on federal IT initiatives, visit