Updating U.S. Federal Cybersecurity Policy and Guidance

Citation
Franklin S. Reeder, et al., Updating U.S. Federal Cybersecurity Policy and Guidance (Center for Strategic and International Studies (CSIS)) (Oct. 23, 2012) (full-text).

Overview
This report offers recommendations on cybersecurity where the U.S. Office of Management and Budget (OMB) could use existing authorities and update its current guidance, last revised on November 28, 2000. These changes would make government cyber assets more secure without spending more money. Absent changes in policy, agency staff and oversight groups (e.g., inspectors general and the Government Accountability Office) will continue to waste scarce resources on strategies that do little to mitigate risk.