OMB Issues Updated Internet Security Policy; Suzette Kent Quoted

Jeff Brody
Suzette Kent

The Office of Management and Budget has updated the Trusted Internet Connections policy in an effort to help agencies facilitate their migration to the cloud, Fifth Domain reported Thursday.

A memo issued Thursday says the updated TIC guidance will no longer require agencies to flow internet traffic through a physical TIC access point in order to provide them more flexibility in ensuring their cybersecurity posture as they move to the cloud.

“[The memo] still requires agencies to meet all the strict security requirements that have always been a priority and are even more of a priority now,” Suzette Kent, federal chief information officer and a 2019 Wash100 winner, said Thursday at the Dell Technologies Forum. “But it includes new pathways to take advantage of modern technology, the capabilities of software, that wasn’t even imagined when that original policy was written.”

The memo requires the Department of Homeland Security to issue guidance on the development and management of pilot programs and approve use cases to “promote flexibility while maintaining a focus on security outcomes.” 

The document states the four use cases approved by OMB: cloud, agency branch office, remote users and traditional TIC or the default use case.

The White House issued a draft of the updated TIC policy in December.

You may also be interested in...

GAO: DHS Chief Acquisition Officer Must Improve Vetting of Components’ Procurement Executives

The Government Accountability Office (GAO) has released a report stating that the Department of Homeland Security’s (DHS) chief acquisition officer needs to improve the assessment of DHS units’ component acquisition executives (CAE). GAO said Tuesday that the DHS chief acquisition officer selects CAEs that handle DHS components' acquisition-related policies, workforce, data colection and reporting functions.