Federal Chief Information Security Officer (CISO) Grant Schneider said today that the Office of Management and Budget (OMB) is continually working towards developing standards and accountability for supply chain security and cybersecurity.
The Federal Acquisition Security Council had its first meeting four weeks ago, according to Schneider and they hope to continue to make it a monthly occurrence. Speaking at Tenable’s GovEdge 2019 conference, Schneider broke down the priorities for the council he identified as the most important.
“So we really want a more nuanced conversation that you can have with leadership and then they can ask the right questions that are going to drive them to make risk management decisions,” Schneider said.
Those priorities include:
- developing standards on how agencies develop for supply chain;
- identifying an information sharing agency within the government;
- creating shared services around supply chain;
- and creating criteria and implementing recommendations for different agencies within the Federal enterprise.
There is a lot of groundwork involved in making those recommendations, Schneider says, along with mitigating standards.
“We’re very focused on what that criteria is going to be and establishing [it]. We have to do a notice of public rulemaking and industry is going to be involved,” Schneider said.