Modernizing Federal Cybersecurity — A FedScoop Special Report

Cybersecurity once again surged into the federal IT spotlight in early 2021 as news of sweeping cyber incidents, like the Solarwinds Orion breach and flaws in Microsoft’s Exchange software, surged across the industry.

As the Biden administration entered office, it has no choice but to make the modernization of federal cybersecurity one of its highest priorities. Less than four months after being sworn in, Biden signed a cybersecurity executive order that set in motion massive cybersecurity reforms for federal agencies, including the requirement that they adopt modern, zero-trust cybersecurity architectures, better secure federal cloud environments and deploy multifactor authentication and encryption.

The Office of Management and Budget has issued a draft Zero Trust Strategy meant to clarify key zero-trust priorities for civilian agencies as they roll out the cybersecurity architecture over the next few years. The public comment period for the draft strategy ended Sept. 21, and finalizing and executing the strategy over the next three to six months is a top priority.

Speaking earlier this year at FedTalks, Federal CISO Chris DeRusha said there remains a way to go until basic security measures such as multi-factor authentication and endpoint detection are implemented uniformly across government agencies. DeRusha said there needs to be emergency planning in place for senior agency leaders that can be followed in the event of another major cyberattack. “Agencies need a consistent playbook for senior leaders to work through when an incident like SolarWinds occurs,” he said.

Meanwhile, the administration looked to leverage a $1 billion injection into the Technology Modernization Fund to support some of the highest priority cybersecurity modernization projects around government. Late last month, the TMF Board issued award to seven agency modernization projects, most of which addressed cybersecurity, data privacy concerns and the move to zero trust.

This special report, which will be updated in the weeks following its initial publication, will explore the federal government’s urgency to modernize its cybersecurity, the mandates the new administration has issued to drive progress, the workforce issues at the heart of this challenge and what’s around the bend as agencies adopt advanced technologies like artificial intelligence.