August 14, 2015

White House “Cyber Sprint” Results Are In

King & Spalding

+ Follow Contact

Send

Embed

On July 31, the White House released a report on its 30-day cybersecurity “sprint,” launched on June 12 in the wake of the Office of Personnel Management hacks. The report is brief, providing statistics on each agency’s use to date of two-factor authentication, and highlighting the dramatic 30% jump in adoption since the outset of the cyber sprint.

When launching the cyber sprint in June, the Office of Management and Budget (“OMB”) instructed federal agencies to deploy technology from the Department of Homeland Security (“DHS”) to scan for malicious cyber activity and report any positive hits. In addition, agencies were directed to: (i) immediately patch critical vulnerabilities, (ii) review and tightly limit the number of privileged users with access to authorized systems, and (iii) dramatically accelerate implementation of multi-factor authentication, such as using the hardware-based Personal Identity Verification (“PIV”) card issued to federal employees and contractors. The agencies were asked to report back to OMB and DHS on progress and challenges within 30 days.

The July 31 report indicates that use of two-factor authentication climbed from about 42% to over 72% during the cyber sprint, which represents a significant jump in such a short time span, and immense progress after the 2011 initiative stalled at 42% in 2014. Fourteen agencies met the goal for stronger user authentication set at the beginning of the cybersecurity sprint, while ten agencies fell below the target. However, the report is silent regarding the results of the other goals to (i) deploy technology that scans for malicious activity, (ii) patch critical vulnerabilities, and (iii) limit the number of privileged users.

According to U.S. Chief Information Officer Tony Scott, over 100 experts from the public and private sectors have been assembled to assess the federal government’s cybersecurity policies, procedures, and practices. The group is expected to release a set of action plans and strategies to further address critical cybersecurity priorities in the coming months.

Reporter, Mark H. Francis, New York, NY, +1 212 556 2117, mfrancis@kslaw.com.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

Written by:

King & Spalding

Contact + Follow

less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

Increased visibility
Actionable analytics
Ongoing guidance

Learn More

Published In:

Chief Information Officers (CIO)

+ Follow

Cyber Attacks

+ Follow

Cybersecurity

+ Follow

Department of Homeland Security (DHS)

+ Follow

Obama Administration

+ Follow

OMB

+ Follow

Administrative Agency

+ Follow

Elections & Politics

+ Follow

Privacy

+ Follow

Science, Computers & Technology

+ Follow

less

King & Spalding on:

White House “Cyber Sprint” Results Are In

Related Posts

Written by:

PUBLISH YOUR CONTENT ON JD SUPRA NOW

Published In:

King & Spalding on:

"My best business intelligence, in one easy email…"