The Cyber Security National Action Plan – what to expect.
On the surface the news of the Cyber Security National Action Plan sounds impressive – increasing the federal government’s investment in cyber security by 35% to $19 billion and creating a Federal Chief Information Security Officer position.
The plan was created in response to the increasing cyber threats facing every person and organization in the United States, highlighted by the recent data breach at the Office of Personnel Management. While the plan calls for investments in a broad range of categories from infrastructure, collaboration with commercial security developers to multi-factor authentication and educational grants, it is primarily focused on benefits to the federal government. Should you expect any impact on you or your organization?
The plan addresses many basic cyber security issues every organization faces: protecting information, restricting access to those with legitimate needs, developing the skills and knowledge needed to address cyber security and identifying external experts who can advise and assist.
If you do business with the U.S. government, you can expect an increased focus on cyber security, updated rules and regulations and greater scrutiny if you are a service provider. Long term all individuals and businesses will benefit as new authentication and authorization techniques are developed and deployed, additional skilled personnel are educated and join the work force and many basic security processes become “standard practices” instead of “best practices”.
The short term benefit will include more federal investment in cyber security awareness, both as part of National Cyber Security Month in October and additional materials circulated throughout the year. Free cyber security awareness tools and media are always helpful and the national focus on cyber security awareness should generally improve security awareness across all of our organizations.
Although criticized for being “basic, basic, basic” by some in the media, the basic approach is always a good starting point. We do not see any near term impact to most organizations, just benefits over the long term as increased awareness, tools and processes become the standard.
Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.
All Business Advisory News Cyber Security Overview