Overview[]
The Federal Network Resilience (FNR) director manages four branches (within the Office of Cybersecurity and Communications (CS&C)) that address critical cybersecurity requirements.
These branches are
- Requirements and Acquisition Support (RAS) — supports the long-term strategic prevention of attacks against Federal Civilian Executive Branch (FCEB) networks.
- Network and Infrastructure Security (NIS) — optimizes an agency's network services into a common solution for the federal government.
- Cybersecurity Assurance (CA) — assesses the state of operational readiness and cybersecurity risk across FCEB.
- Cybersecurity Performance Management (CPM) — provides oversight and operational support for the FCEB departments and agencies in their compliance with the Federal Information Security Management Act (FISMA).
FNR also collaborates across the federal government to enhance the nation's cybersecurity posture by:
- identifying common requirements across the federal government,
- collaborating with components of the federal enterprise to identify solutions,
- implementing policy and technical solutions, and
- monitoring the effectiveness of implemented solutions.
Initiatives[]
FNR is focused on a variety of initiatives that improve the long-term security posture of the federal government:
- The Chief Information Security Officers (CISO) Advisory Council provides a trusted platform whereby federal CISOs can collaboratively address cybersecurity issues and challenges and share solutions and successes in their respective enterprises.
- Domain Name Systems Security (DNSSEC) provides a secure authentication to government Web sites for public users to transmit information while utilizing online government services.
- Federal Information Security Memoranda (FISM) DHS issued memoranda informing Federal departments and agencies of their responsibilities, required actions, and effective dates to achieve federal information security policies.
- Federal Information Security Management Act of 2002 (FISMA) outlines DHS responsibilities for providing guidance and operational support to federal agencies in securing federal systems and ensuring information security performance.
- FISMA Reporting Service Offerings provides FISMA Reporting Shared Service Centers (SSCs) so agencies can improve security reporting using automated, efficient channels.
- Managed Trusted Internet Protocol Services (MTIPS) provides managed security services for agency compliance with the Trusted Internet Connection (TIC) mandate to reduce and consolidate agencies' connections to the Internet.
- Risk Management Framework Service Offerings facilitates agencies' use of Shared Service Centers to implement Risk Management Framework solutions, which reduce costs of completing authorization and accreditation using legacy systems.
- Security Awareness and Training provides common suites of information systems security training products and services for the federal government.
- Situational Awareness and Incident Response (SAIR) provides local, tribal, state, and federal governments with quick access to Blanket Purchase Agreements to procure products and services that address gaps in configuration management, network mapping/path discovery, and vulnerability management.
- Trusted Internet Connections (TIC) Comprehensive National Cybersecurity Initiative (CNCI) optimizes and standardizes the security of individual external network connections used by the federal government. It provides improvement to the government's overall security posture by reducing and consolidating the number of external network connections through the use of approved TIC access points.
- Cybersecurity Compliance Validations (CCV) provide federal agencies with onsite assessments to measure compliance with with federal cyber mandates including FISMA, TIC, and DNSSEC.