FY 16-17: Agency Priority Goal

Cybersecurity Monitoring

Priority Goal

Cybersecurity Monitoring

Continue enhancing the security of OPM's information systems by strengthening authentication and expanding the implementation of continuous monitoring.

OPM will increase the use of multi-factor strong authentication in multiple ways.  While OPM enforces Personal Identity Verification (PIV) authentication for its internal users, OPM targets PIV usage for OPM services at 50 percent of Federal users by the end of FY 2016.  By the end of FY 2017, OPM will enforce multi-factor authentication for 100 percent of all PIV-enabled users and 80 percent of non-PIV-enabled users.

OPM will increase its security posture by expanding the Information Security Continuous Monitoring (ISCM) capabilities throughout FY 2015.  Leveraging the Continuous Diagnostic and Mitigation (CDM) program, OPM will expand continuous diagnostic capabilities by increasing the network sensor capacity, automating sensor collections, and prioritizing risk alerts.  By the end of the second quarter of FY 2016, OPM will have acquired, implemented, and refined the four (4) CDM controls including vulnerability management, secure configuration management, hardware asset management, and software asset management.  These tools will increase OPM’s ability to identify and respond to security issues.  By the end of FY 2016, 95 percent of OPM’s assets will be visible in the CDM dashboard.  In FY 2017, OPM will use the benchmarking results to identify and prioritize the implementation of other ISCM controls.

OPM will continue to pursue a number of additional actions as outlined in its Cybersecurity Monitoring goal.

info Themes:
General Government