Building A More Secure and Efficient Federal Enterprise

The recent wave of high-profile cyber incidents has led many Americans to ask the simple question: How can we reduce the likelihood of future attacks? Unfortunately, the answer is far from simple, as the cyber threat is growing and dynamic, and combatting it will require a multifaceted defense of our critical systems and services, including those managed by the U.S.  federal government. As lead agency for civilian cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) is focused on ways we can leverage resources and capabilities to raise the bar of cybersecurity across the government.

In April 2020, the White House designated CISA to host the Cyber Quality Services Management Office (QSMO) as part of a broader effort to streamline how cybersecurity services are managed across the federal civilian enterprise. This designation charged CISA with a mission to centralize, standardize, and market high-quality, cost-effective cybersecurity service. Congress further advanced CISA’s capabilities in this area by granting CISA the authority to offer cybersecurity services to federal departments and agencies with or without reimbursement.

As part of this effort, CISA has launched our initial version of the Cyber Shared Services Marketplace.

The Shared Services marketplace provides a broad range of services that will help federal agencies acquire high-quality services to identify, protect against, detect, respond to, and recover from cybersecurity threats to their networks. This marks the first step in building and cultivating a dynamic, online government marketplace and is an example of how CISA is using innovative solutions to secure and enhance the resilience of the nation’s cyber infrastructure. 

The cyber landscape is always changing, and the marketplace must evolve as well, which is why the tools and services offered are driven in part by customer feedback. We have established formal feedback mechanisms to capture this feedback, including via the multi-agency QSMO Customer Advisory Board. We also regularly survey customer agencies both on current services and in developing our roadmap.

A key component of any organization’s cybersecurity program should be a transparent way for security researchers to report vulnerabilities.

Two services we recently developed and added to the marketplace demonstrate the type of enhanced security we can offer using a shared services model. For example, a key component of any organization’s cybersecurity program should be a transparent way for security researchers to report vulnerabilities, which is why CISA issued a directive last year to require federal civilian executive branch agencies to implement a vulnerability disclosure policy. To assist agencies in implementing this requirement, CISA is standing up a centrally funded CISA VDP platform for researchers to submit reports, avoiding the duplicative cost of each agency standing up its own platform.

In addition, CISA’s Cyber Shared Services Marketplace is developing a new Protective Domain Name System (DNS) Resolver Service. Planned to go live in early 2022, this service enhances incident detection and response capabilities and creates a more resilient enterprise network, helping the federal government better protect the information stored on its networks.  This service works to protect organizational devices that have been challenging historically to protect—such as cloud, mobile, and nomadic devices. It is also designed to integrate with and complement existing agency protections, which helps to streamline service adoption. And as with our VDP platform, CISA is centrally funded to provide the Protective DNS Resolver Service to federal civilian executive branch agencies. We are also exploring extending the service to state and local governments.

While the two services I discussed here are important in their own right, they also highlight the advantages of CISA centrally hosting cybersecurity shared services to the federal government’s cyber defense—both today and as we look toward the future. Threats in cyberspace are constantly evolving, and in many cases, our adversaries are getting more sophisticated.  Combatting these threats is going to require a sustained investment in cybersecurity and a collaborative approach, which CISA is uniquely positioned to lead.  The governmentwide shared services model allows federal departments and agencies, and potentially other stakeholders in the future, to quickly and more cost effectively implement the latest technology—whether designed by government or, more often, by the private sector—to protect their systems. 

As new innovations become available, federal CIOs and CISOs will be able to take advantage of the federal government’s expertise and purchasing power to better protect their systems. This will enhance not just their security, but because of the interdependent nature of cyber networks, make the federal government and the nation more resilient to cyberattacks.  And that’s ultimately the idea behind the CISA Cyber Shared Services Marketplace—while no one can do it alone, by working together, we can raise the bar and build a more secure cyberspace going forward.

Eric Goldstein is executive assistant director for cybersecurity at the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).