ESG offers a list of 10 priority items so that the federal cybersecurity coordinator can hit the ground running Members of the security community are acutely aware that the Federal Cybersecurity Coordinator’s job remains vacant. When this individual is finally appointed, he or she won’t have much time to get up to speed. As a public service, ESG suggest that the cybersecurity coordinator prioritize the following 10 items:1. Emergency response. We need to be prepared for a worst-case cybersecurity attack. Right now, we are not.2. Educating the public. Most citizens don’t understand threats and risks. We need a “Smokey the Bear-like” public service campaign.3. A national ID. Very controversial but could bolster security and e-government programs.4. Acting as a watchdog. The cybersecurity coordinator must ensure that programs don’t turn into turf battles or pork barrel politics.5. Building the cybersecurity workforce. The Feds don’t have enough security skills and have difficulty recruiting. This must be addressed.6. FISMA 2.0. Federal agencies need risk-based security controls now. The cybersecurity coordinator needs to push new legislation along.7. Federal data privacy. There are too many confusing data privacy laws. We need one standard to supercede the rest.8. Lobby for security compliance incentives. The private sector needs a few carrots like tax breaks to motivate funding for enhanced security defenses.9. Unifying and simplifying cybersecurity communications. The private sector can’t understand the multitude of government programs, acronyms, and agencies involved in cybersecurity. We need to simplify this communication to get the private sector on-board. 10. Represent U.S. cybersecurity interests to the world. We need the cybersecurity coordinator to act as a digital diplomat to enhance law enforcement and technology cooperation.Sure, there are lots of other things to do but these 10 are extremely important and should keep the cybersecurity coordinator busy for a while. If you want more detail and background on ESG’s priority list items, go to: http://www.enterprisestrategygroup.com/ESGPublications/BriefPopup.asp?ReportID=1254 Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe