White House delays report on cybersecurity sprint

The results of the White House’s 30-day cybersecurity sprint, which were supposed to be released Monday at the latest, will be delayed.

Sources say the White House’s Office of Management and Budget is still assessing and analyzing data received from agencies during the sprint, with no time frame for the report’s release.

The White House issued the 30-day sprint in response to the Office of Personnel Management’s two data breaches, which saw information related to 22 million current and former federal employees compromised.

U.S. Chief Information Officer Tony Scott established a cybersecurity sprint team – consisting of representatives from OMB’s E-Gov Cyber unit, the National Security Council, and the departments of Defense and Homeland Security – to develop strategies that will be put into a forthcoming official document titled ‘Federal Civilian Cybersecurity Strategy.’

Shortly after OPM announced the results of its investigation into the two breaches, the White House released some preliminary results of the sprint.

On July 9, the White House said the use of multifactor authentication has increased by 20 percent, with some agencies now requiring multifactor authentication for all privileged users. Also, DHS has scanned more than 40,000 systems for critical vulnerabilities, patching flaws as they have been found.

Since the launch of the sprint, DHS also has accelerated adoption of Einstein 3A, the intrusion-prevention system used to guard civilian agencies. Einstein 3A now covers 15 federal civilian executive branch departments and agencies, a 20 percent increase over the past nine months. DHS expects to award a contract to provide Einstein 3A for all federal civilian agencies by the end of 2015.