Cybersecurity National Action Plan Budget

The Cybersecurity National Action Plan is a sweeping initiative to protect online data, from data generated by federal government institutions all the way through to the use of that data by private citizens.

A $3.1 billion security modernization fund has been created to upgrade, replace, and transition legacy IT infrastructure and systems within U.S. federal government agencies, along with the creation of a Federal Chief Information Security Officer position.

US public sector organizations using outdated infrastructure are at risk of transporting sensitive data over an aging infrastructure that may be nearing- or have reached- end-of-life or end-of-support. These networks often lack the latest security features and may no longer be receiving critical software patches and security updates. As a result, they are more vulnerable to attack, which is unacceptable when dealing with the sensitive data of public sector organizations which includes private citizen data submitted for federal benefits and services.

The primary goal of the Cybersecurity National Action Plan is to provide public sector organizations with enterprise-level best practices in public sector network security, and the resources to transform these networks. In order to be able to evolve for future security needs and government regulations, IDC recommends public-sector organizations evaluate network security infrastructures with a foundational security orientation. Foundational security, when built upon a Secure Development Lifecycle, allows public sector organizations to bring their infrastructure up to speed for present requirements, and to adapt proactively for future needs. Built-in, foundational security provides platform integrity, enables secure communications, protects data, helps guard against counterfeit, allowing organizations stakeholders to hold a high-level of confidence that the network and its data are safe.