Very insightful interview with the Federal CIO Clare Martorana (click Read More below).
We should expect to see significant actions by the Federal government to secure critical infrastructure and share cyber information.
Here's an excerpt from OMB memo M-22-16, "Administration Cybersecurity Priorities for the FY 2024 Budget," that I find insightful:
- Enable SRMAs to collaborate more closely with CISA and other SRMAs to improve the trajectory of collective (government and industry) defense, response, and resilience within respective sectors;
- Enable information exchange among government and industry, including through the U.S. Federal Cyber Centers, as well as Information Sharing and Analysis Organizations and Information Sharing and Analysis Centers, to develop actionable operational intelligence and offer meaningful threat mitigation advice;
- Improve detailed understanding of national security risks associated with each sector that are or could be exploited by adversaries, including nation-states;
- Achieve a deeper understanding of the cyber tactics, techniques, and procedures of threat actors and the risk posed to each sector; and
- Facilitate increased sharing and collaboration between industry and government on cyber threat intelligence, indicators, and defensive measures, also including incidents, in secure settings, either physical or virtual.
And this excerpt also:
Supply chain risk management (SCRM) is a critical capability to manage cybersecurity risk. To help address this risk, the Federal Acquisition Security Council was established, in part, to make recommendations concerning how to remove certain covered articles from executive agency information systems, or to exclude certain sources of those articles from executive agency procurement actions. Federal agencies are required to establish formal SCRM programs for their own acquisitions, particularly around information and communications technology and services (ICTS). While these requirements currently sunset at the end of 2023, legislation is pending to extend the requirement through 2026. The FY 2023 President’s Budget made critical investments in SCRM programs at agencies. Agencies should sustain these investments in their FY 2024 submissions.