The US Cybersecurity and Infrastructure Security Agency (CISA) is creating a new division to work with government agencies to help them deal with multiple cybersecurity requirements, reported Wednesday FCW.
The CISA unit, whose name can be translated as the “Federal Enterprise Improvement Team” (FEIT), will work with departments to create action plans for each agency based on CISA data, the agencies themselves and existing requirements in the field of cybersecurity.
The unit is currently focused on working with five types of operational risks: asset visibility and management, organization vulnerability management, information security architecture and network hygiene, incident management and response, supply chain cyber risk management system (probably referring to the risk of penetration into government IT systems through the IT systems of counterparty organizations – ed.).
If last October only one person worked in the department, then by November 2022 the staff was estimated at “double digits,” FCW notes. For its activities in 2023, FEIT requested $11.6 million (715 million rubles).
Earlier, we recall reported that CISA will require U.S. federal agencies to regularly review information networks and “digital assets” for potential vulnerabilities. In August the agency urged critical infrastructure operators to prepare for the transition to a post-quantum cryptographic standard.
See also: What the US is doing to protect critical infrastructure – analysis >>>