The Cybersecurity and Infrastructure Security Agency (CISA) unveiled the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan, marking a significant milestone in the federal government’s ongoing efforts to enhance cybersecurity defenses. As the primary authority for operational cybersecurity in the federal government, CISA’s FOCAL plan aims to offer guidance and assistance to over 100 FCEB agencies, facilitating progress on critical cybersecurity priorities and aligning operational defense capabilities to mitigate risks across federal networks.
The federal agencies within the FCEB play diverse roles in furthering the government’s mission, ranging from national security to healthcare. However, due to their varied networks, systems, and levels of cyber risk tolerance, a cohesive cybersecurity strategy is essential. The FOCAL Plan addresses this need by advocating for a unified approach to cybersecurity, which reduces risks across federal agencies while allowing each agency to maintain its distinct operations.
Jeff Greene, CISA’s Executive Assistant Director for Cybersecurity, stressed the urgency and importance of the FOCAL Plan in light of the persistent threats faced by federal data and systems. Greene emphasized the need for FCEB agencies to tackle these threats collectively and proactively reduce risks to enhance resilience and modernize federal agency cybersecurity in collaboration with partner agencies.
The core purpose of CISA’s FOCAL Plan is to standardize essential aspects of operational cybersecurity across the federal enterprise and promote a collective defense approach. Developed in partnership with FCEB agencies, the plan addresses the unique challenges each agency encounters while aligning them under common cybersecurity objectives. The plan’s foundation lies in five priority areas:
1. Asset Management: Ensuring that federal agencies have a comprehensive understanding of their operational terrain, including all interconnected assets, to reduce the attack surface and enhance cybersecurity posture.
2. Vulnerability Management: Focusing on proactive measures to identify, assess, and mitigate vulnerabilities in systems to stay ahead of threats and secure the attack surface.
3. Defensible Architecture: Building cyber infrastructure that can withstand attacks and recover quickly to foster resilience and continuity of operations.
4. Cyber Supply Chain Risk Management (C-SCRM): Addressing supply chain risks by enhancing agencies’ ability to identify and mitigate threats from third-party vendors.
5. Incident Detection and Response: Improving Security Operations Centers’ capabilities across agencies to detect, respond, and minimize the impact of security incidents.
The FOCAL Plan emphasizes collaboration among FCEB agencies to share information and resources, enhancing security across federal networks and preventing attackers from exploiting vulnerabilities between agencies. This collaborative approach extends beyond government agencies and can benefit private sector organizations and other public entities by strengthening cybersecurity defenses.
While the FOCAL Plan outlines key cybersecurity objectives for federal agencies, it is not exhaustive and allows flexibility for agencies to prioritize actions that will have the most significant impact on reducing risks and enhancing resilience. By fostering collaboration and addressing critical cybersecurity challenges collectively, CISA’s FOCAL Plan aims to strengthen cybersecurity defenses across the federal government and beyond.