/

DOE Implementing Cyber Risk Mgmt Framework for Cloud Migration

1 min read
Jeff Brody

Emery Csulak, chief information security officer of the Department of Energy, has said that the department has begun deploying a new cybersecurity risk management framework at several national laboratories, Fedscoop reported Wednesday. 

Csulak added that DOE has been using the Factor Analysis of Information Risk framework to assess the benefits and risks of migrating systems and applications to the cloud. The department also plans to implement FAIR for business case management as part of fiscal 2021 budgeting procedures, he noted.

“They need to be able to make honest risk decisions at the level where they affect their operational capabilities — whether or not it’s with science or nuclear protection,” according to Csulak.

DOE intends to include more agencies in efforts to implement the FAIR framework by fall, he said.