• United States



Contributing Writer

The Cybersecurity Coordinator To-Do List

Sep 18, 20092 mins
Cisco SystemsData and Information SecuritySecurity

ESG offers a list of 10 priority items so that the federal cybersecurity coordinator can hit the ground running

Members of the security community are acutely aware that the Federal Cybersecurity Coordinator’s job remains vacant. When this individual is finally appointed, he or she won’t have much time to get up to speed. As a public service, ESG suggest that the cybersecurity coordinator prioritize the following 10 items:1. Emergency response. We need to be prepared for a worst-case cybersecurity attack. Right now, we are not.2. Educating the public. Most citizens don’t understand threats and risks. We need a “Smokey the Bear-like” public service campaign.3. A national ID. Very controversial but could bolster security and e-government programs.4. Acting as a watchdog. The cybersecurity coordinator must ensure that programs don’t turn into turf battles or pork barrel politics.5. Building the cybersecurity workforce. The Feds don’t have enough security skills and have difficulty recruiting. This must be addressed.6. FISMA 2.0. Federal agencies need risk-based security controls now. The cybersecurity coordinator needs to push new legislation along.7. Federal data privacy. There are too many confusing data privacy laws. We need one standard to supercede the rest.8. Lobby for security compliance incentives. The private sector needs a few carrots like tax breaks to motivate funding for enhanced security defenses.9. Unifying and simplifying cybersecurity communications. The private sector can’t understand the multitude of government programs, acronyms, and agencies involved in cybersecurity. We need to simplify this communication to get the private sector on-board. 10. Represent U.S. cybersecurity interests to the world. We need the cybersecurity coordinator to act as a digital diplomat to enhance law enforcement and technology cooperation.Sure, there are lots of other things to do but these 10 are extremely important and should keep the cybersecurity coordinator busy for a while. If you want more detail and background on ESG’s priority list items, go to:

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author