The Homeland Security Department plans to take a more muscular approach to cybersecurity in coming months, including by establishing clearer consequences for federal agencies that don’t adopt best practices, according to an updated cybersecurity strategy released Wednesday.
Homeland Security is the government’s lead civilian agency for cybersecurity but has struggled to force other agencies to take the cyber threat seriously or to allocate sufficient resources to the threat.
Going forward, Homeland Security will “develop new processes to ensure accountability within agencies and across the federal enterprise in order to affect necessary cybersecurity changes,” according to the strategy. The department will also “develop a formalized approach to measure and track agency adoption of information security policies, practices, and required controls,” the strategy states.
The language mirrors plans in a year-old cybersecurity executive order in which the Trump administration promised to hold top agency officials accountable for preventable cyber breaches.
Since that executive