Federal Cybersecurity

Cybersecurity remains one of the most pressing issues among news headlines, both at the federal and general public levels. While cybersecurity and its associated jargon may seem complex and inaccessible, it is critical to have an understanding of how cybersecurity, and particularly federal cybersecurity, affects Americans. A recent report from the Belfer Center for Science and International Affairs addresses federal cybersecurity, and breaks down federal networks in a manner geared toward Americans outside of the information security community. This report, titled “Understanding Federal Cybersecurity” seeks to fill the gap between the American public and the federal government whose “networks [serve] over 100 agencies and millions of employees […] and store personal data on millions of Americans.”

To fill this gap and make federal cybersecurity accessible to the public, this report characterizes the federal cybersecurity landscape, summarizes recent federal efforts to improve its cybersecurity, and reviews efforts to improve the foundations of federal cybersecurity. It also addresses the following five systemic factors that contribute to the difficulty of securing federal civilian networks:

  1. Difficult tradeoffs between centralized and decentralized management.
  2. Varying levels of engagement of agency top leadership on cyber risk management.
  3. Varying effectiveness of levers to direct, incentivize, and enforce action by nonperforming federal agencies.
  4. Resource constraints and a rigid government budgeting cycle.
  5. Scattered congressional oversight.

The report addresses and succinctly defines key cybersecurity-related legislation, as well as federal expenditure on cybersecurity. The report also depicts interaction between agencies in the implementation of cybersecurity practices in an easy-to-understand visual. The report concludes with recommendations and key considerations for policymakers, agency leaders, and cybersecurity professionals.

These points are critical for Americans to understand and pay attention to, as cyber-related issues arise with increasing frequency and consequence. Because federal networks are the target of foreign intelligence operations, such cybersecurity efforts become more important to protect American interests and citizens.

Non-registered users may access the report here. The HSDL offers many related resources. Visit the Featured Topics for more on Cyber Crime & National Security, Cyber Infrastructure Protection, Cyber Policy, Electronic Surveillance, and Interoperability.