“OPM CIO Guy Cavallo said meeting these reporting requirements is vital for the administration, specifically the Office of Management and Budget (OMB), to get the full picture of where agencies are in their cybersecurity journeys.
‘Something very important is that, with any executive order, there are always deadlines and you want to make sure that you meet the deadlines, even if your answer is “we’re not ready yet,”’ Cavallo said during ATARC’s Federal CIO Virtual Summit on Jan. 25…”
“Gerald Caron, CIO and assistant inspector general for information technology at the Department of Health and Human Services (HHS) Office of the Inspector General (OIG), noted that the EO, especially its zero trust push, is a journey that agencies will not complete within a year.
‘I think the executive order – and I think they know – that it is going to be a journey, it’s not going to be something that is going to be done this year,’ Caron said. ‘It is an architecture, it is a, you know, the long game when you’re approaching it. So, we’re drawing out our own roadmap and we’ll collaborate with our parent agency and help where needed.’
Nevertheless, no matter where agencies are on their EO journeys, Caron encouraged agencies to ‘reach out and utilize your resources to work with others.’…” Read the full article here.
Source: Fed CIOs Advise Agencies to Meet Cyber EO Reporting Deadlines, Even if Not Ready – By Grace Dille, January 26, 2022. MeriTalk.
