Where is the Security in Today's Executive Order?
President Obama signed an Executive Order today -- Streamlining Service Delivery and Improving Customer Service -- which aims to improve the quality and efficiency of IT-related services provided by the government to the public.
The order requires each agency to develop within 180 a customer service plan to address how the "agency will provide services in a manner that seeks to streamline service delivery and improve the experience of its customers." Among the requirements of the plan is the creation of one major "signature" initiative that will use technology to improve the customer experience.
The order notes that "with advances in technology and service delivery systems in other sectors, the public's expectations of the Government have continued to rise. The Government must keep pace with and even exceed those expectations."
While the push to effective customer service is well-placed, the provision of such services must be built upon systems and initiatives ine which customer have confidence. Interestingly, the order does not mention the need for cybersecurity in the development and implementation of each of these initiatives.
The public expects the federal government to lead on cybersecurity issues, especially with regard to the confidentiality, integrity, and availability of information it provides to and gather from the public. Given the growing challenge of cybersecurity, it is critical now more than ever that cybersecurity be prominently addressed and "baked in" on the front end of IT initiatives.
Perhaps cybersecurity is a given in the executive order, but stating so upfront or providing specific guidance and requiring agencies to consider the security elements of their initiatives would be prudent as OMB rolls out this effort.