The Department’s Cyber Security program develops and implements security policies and ensures that federal and Departmental security requirements are addressed.
Our overall mission of cyber security at the Department is to assure the appropriate protection of cyber information, services, and assets. Security is critical to Treasury’s daily operations and fulfillment of its mission, which relies on protection of both sensitive unclassified and national security systems throughout the Department. The Federal Information Security Management Act of 2002 (FISMA) provides the overall information security policy framework and sets cyber security requirements for systems throughout the Federal Government. We strive to maintain and improve our security status in the face of increasing threats against computer systems while seeking secure solutions that place the least burden on Treasury employees’ ability to do their work using modern IT systems and functionality. We partner with and implement requirements from other national authorities, such as the Office of Management and Budget, the National Institute of Standards and Technology, the Committee on National Security Systems and the Office of the Director of National Intelligence. Each Bureau operates and maintains an information security program consistent with Federal and Departmental requirements, and we work to leverage the skills, knowledge, and lessons learned among the Bureaus.
Cyber Security Policy
Manages and coordinates the Departmental cyber security policy for sensitive (unclassified) systems throughout the Department, assuring these policies and requirements are updated to address today’s threat environment, and conducts program performance, progress monitoring, and analysis. Also represents the Department on various inter-agency cyber-related activities.
Performance Monitoring and Reporting
Implements collection of Federal and Department-specific security measures and reports those to national authorities and in appropriate summary or dashboard form to senior management, IT managers, security officials and Bureau officials. For example, this includes preparation and submission of the annual FISMA report and more frequent continuous monitoring information through CyberScope.
Cyber Security Reviews
Conducts technical and program reviews to help strengthen the overall cyber security posture of the Department and meet our oversight responsibilities.
Works with the Bureaus and Treasury’s Government Security Operations Center to deploy new Department-wide capabilities or integrate those already in place, as appropriate, to strengthen the overall protection of the Department. Examples include implementation of Domain Name Service Security Extensions (DNSSEC), an automated asset inventory, and Department-wide security-related audit findings. Includes addressing the Department’s strategies and plans to mitigate cyber security risks from configuration and other vulnerabilities.
Understanding Security Risks and Opportunities from New Technologies
New information and security technologies present both risks (e.g., introduction of new vulnerabilities) and opportunities (e.g., new means to securely provide new functionality for users). We seek to understand these technologies, their associated risks and opportunities, and share and use that information to the Department’s advantage.
Vulnerability Analysis, Configuration and Planning
Analyzes current and emerging technologies and Cyber Critical Infrastructure Protection. Implements cyber-related requirements of Homeland Security Presidential Directive No. 7, “Critical Infrastructure Identification, Prioritization, and Protection” focusing on the protection of Department-owned cyber assets.
Treasury Computer Security Incident Response Capability (TCSIRC)
Provides incident reporting with external reporting entities and conducts performance monitoring and analyses of CSIRCs within the Department.
National Security Systems
Manages and coordinates the Department-wide program to address the cyber security requirements of national security systems through the development of policy and program and technical security performance reviews.
Cyber Security Sub Council of the Treasury CIO Council
Operates to serve as the formal means for gaining bureau input and advice as new policies are developed, enterprise-wide activities are considered, and performance measures are developed and implemented; provides a structured means for information-sharing among the bureaus.