The ONCD's new list of cybersecurity resources offers support to federal agencies, the water and wastewater systems, and those growing the cyber workforce.
On June 21, 2024, the White House Office of the National Cyber Director (ONCD) shared a list of cybersecurity resources to improve cybersecurity posture and to “bolster resilience.” The list follows the GAO’s report on federal cybersecurity challenges. The GAO found that despite previous recommendations to US agencies, many remain unimplemented, contributing to numerous cybersecurity incidents.
The ONCD also released their first report on cybersecurity posture in May 2024, which covered 12 of their current efforts to improve cyber posture - including establishing and using cyber requirements to protect critical infrastructure, enhancing federal coordination and partnerships, defending federal networks, and strengthening the national cyber workforce.
The ONCD’s collection of supplies has resources for State, Local, Tribal, and Territorial governments, water and wastewater utilities, K-12 institutions, and growing the cyber workforce – directly answering to the efforts outlined in the ONCD’s May report. For federal governments, the list provides directions to a Cybersecurity Grant Program, the Multi-state Information Sharing and Analysis Center, and the Cybersecurity and Infrastructure Security Agency’s (CISA) Tools and Services.
The Water and Wastewater Systems has been concerningly vulnerable in the past years to cyber attacks from foreign parties - which may be why it’s the only critical infrastructure sector to appear on the list. There are five resources referenced: CISA’s Water and Wastewater Systems Toolkit, the EPA’s Cybersecurity Resource List, the Rural Utilities Service Water and Environmental Programs, the Clean Water State Revolving Fund, and the Drinking Water State Revolving Fund.
The resources for K-12 institutions make up nearly half of the list, with seven resources (ranging from Protective Domain Name Service to Data Backups, and Cybersecurity Training and Awareness). Most of these resources come from CISA’s toolkit specifically to help K-12 organizations, which tend to be vulnerable to cyberattacks due to being largely underfunded while holding onto the sensitive information of many students. Earlier this year, the US Department of Education (DoEd) launched the Government Coordinating Council (GCC) to help strengthen cybersecurity in K-12 educational institutions.
The last resource is dedicated to expanding the cyber workforce. There are reportedly more than 500,000 vacant cybersecurity positions in America - which is another factor in the poor cybersecurity posture of the U.S. The government has been making several efforts to close the skills gap, even considering streamlining the clearance approval process.
By offering comprehensive support to various sectors, including federal and local governments, critical infrastructure, and educational institutions, the ONCD aims to strengthen the nation's cybersecurity resilience. These efforts, coupled with initiatives to grow the cyber workforce, reflect a robust and proactive approach to safeguarding the country and improving our cyber posture.