The Department’s central program focuses its work in the following areas:
Cyber Security Policy:
Manages and coordinates the Departmental cyber security policy for sensitive (unclassified) systems throughout the Department, assuring these policies and requirements are updated to address today’s threat environment, and conducts program performance, progress monitoring, and analysis. Also represents the Department on various inter-agency cyber-related activities.
Performance Monitoring and Reporting:
Implements collection of Federal and Department-specific security measures and reports those to national authorities and in appropriate summary or dashboard form to senior management, IT managers, security officials and Bureau officials. For example, this includes preparation and submission of the annual FISMA report and more frequent continuous monitoring information through CyberScope. Cyber Security Reviews:
Conducts technical and program reviews to help strengthen the overall cyber security posture of the Department and meet our oversight responsibilities. Enterprise-wide Security:
Works with the Bureaus and Treasury’s Government Security Operations Center to deploy new Department-wide capabilities or integrate those already in place, as appropriate, to strengthen the overall protection of the Department. Examples include implementation of Domain Name Service Security Extensions (DNSSEC), an automated asset inventory, and Department-wide security-related audit findings. Includes addressing the Department’s strategies and plans to mitigate cyber security risks from configuration and other vulnerabilities.
Understanding Security Risks and Opportunities from New Technologies:
New information and security technologies present both risks (e.g., introduction of new vulnerabilities) and opportunities (e.g., new means to securely provide new functionality for users). We seek to understand these technologies, their associated risks and opportunities, and share and use that information to the Department’s advantage. Vulnerability Analysis, Configuration and Planning: Analyzes current and emerging technologies and Cyber Critical Infrastructure Protection. Implements cyber-related requirements of Homeland Security Presidential Directive No. 7, “Critical Infrastructure Identification, Prioritization, and Protection” focusing on the protection of Department-owned cyber assets.
Treasury Computer Security Incident Response Capability (TCSIRC): Provides incident reporting with external reporting entities and conducts performance monitoring and analyses of CSIRCs within the Department.
National Security Systems: Manages and coordinates the Department-wide program to address the cyber security requirements of national security systems through the development of policy and program and technical security performance reviews.
Cyber Security Sub Council of the Treasury CIO Council: Operates to serve as the formal means for gaining bureau input and advice as new policies are developed, enterprise-wide activities are considered, and performance measures are developed and implemented; provides a structured means for information-sharing among the bureaus.