White House CISO Calls on Senior Leaders to Learn Simple Cybersecurity Safety Measures
The White House’s first Federal Chief Information Security Officer (CISO) recently announced plans to launch cyber.gov, a website with vast resources for cyber information including what to do in the event of an attack.
Retired Brig. Gen. Gregory Touhill told an audience in Washington today, “What we’re looking at doing is having a one stop repository for folks that are looking at best practices, for collaboration and the like. And we’re working across our staff right now and setting up some basic guidance on the website. We’re going to be partnered across such organizations as NIST, DHS, and others so that we have an easy, one stop shop for cyber information.”
Touhill also outlined the five pillars of his cybersecurity improvement plan: strengthening the workforce, treating information as an asset, doing the right things the right way, continuing innovation, and making informed cyber risk decisions.
He plans to create continual training and evaluation programs as well as increase participation in testing and exercises. As part of this effort, Touhill wants to put together a Federal CISO council, much like the current Federal CIO council. And he also wants agencies to get involved in creating their own cyber training programs.
“Through the CISO council, we’ll put out a core curriculum, but then we’ll release that and have a competition to see who can come up with the most entertaining, educational, informative video, and we’ll put it on YouTube as the winner,” said Touhill. “Why not have competition to have the best cybersecurity video out there based on the curriculum that the CISO council put together.”
For now, he said even if senior leaders could spend one hour learning what to do to protect their agencies’ systems and how to respond if they are hacked, it could vastly improve overall agency security.
"Protecting information could be as simple as not discussing certain information over the phone, guarding the paperwork that you provide, shredding information that appropriately needs to be disposed of," Touhill said.
Although some of Touhill’s plans take him beyond his guaranteed tenure as Federal CISO, Touhill explained that it is important to have something to work toward.
“Like I learned in the military, it is important to have a goal,” Touhill explained of his plan. “Our goal is simple: our goal is to support an open and transparent government where the people’s information is protected and privacy, civil rights, and civil liberties are preserved.”
Posted in General News