Convincing the private sector to share more information about cybersecurity incidents with the federal government will take trust building and a cooperative effort across all relevant agencies.
Officials at the Cybersecurity Unit, part of the Criminal Division's Computer Crime and Intellectual Property Section, compiled the guidelines based on lessons learned by federal prosecutors handling cyber investigations.
The Federal Risk and Authorization Management Program aims to accelerate the authorization of cloud computing technologies across the federal government, but instead of one more federal IT security mandate agencies must comply with, FedRAMP Director Matt Goodrich says the program has a unique role to streamline security processes across several initiatives.
If confirmed by the Senate, Peter Neffenger would replace former TSA administrator John Pistole who retired from public service Dec. 31 after announcing his depature two months before.
Of those 22, 14 programs had schedule slips, and half of those also experienced cost increases and the estimated lifecycle cost of these programs also rose by $9.7 billion, or 18 percent.
DHS Secretary Jeh Johnson said the department is finalizing plans to open a Silicon Valley satellite office "to serve as another point of contact" in remarks to RSA Conference April 21.
The Obama administration largely supports both bills although it had some reservations regarding their liability protections. But civil liberties and privacy groups say they strongly opposed one bill sponsored by the House Permanent Select Committee on Intelligence.
Through the Office of Management and Budget initiative launched three years ago that requires agencies to review their IT investments annually and cut duplication, agencies were supposed to save $5.8 billion between fiscal 2013 and 2015. However, they reduced that amount to $2 billion, a 68 percent cut.
ICE Air Operations, which is responsible for transporting detainees within the United States or returning them to their countries of origin, does not collect data that could help it better support operational decisions and improve program effectiveness.
Both programs provide a basic level of security across the federal government regardless of an agency's cybersecurity skill set or resources at a given moment.