EXECUTIVE OFFICE OF THE PRESIDENT
OFFICE OF MANAGEMENT AND BUDGET
W AS H I N G T O N , D . C . 2 0 5 0 3
October 30, 2015
Executive Summary
Strengthening the cybersecurity of Federal networks, systems, and data is one of the most
important challenges we face as a Nation. As a result, the Federal Government is bringing
significant resources to bear to ensure cybersecurity remains a top priority. This includes
strengthening government-wide processes for developing, implementing, and institutionalizing
best practices; developing and retaining the cybersecurity workforce; and working with public
and private sector research and development communities to leverage the best of existing, new,
and emerging technology.
In furthering this mission, the Federal Chief Information Officer (FCIO) initiated a 30-day
Cybersecurity Sprint on June 12, 2015. The Cybersecurity Sprint Team (“Sprint Team”), led by
the Office of Management and Budget (OMB), was comprised of representatives from the
National Security Council (NSC), the Department of Homeland Security (DHS), the Department
of Defense (DoD), and other Federal civilian and defense agencies. The initial Sprint memo
instructed agencies to implement a number of immediate high priority actions to enhance the
cybersecurity of Federal information and assets. This Cybersecurity Strategy and
Implementation Plan (“CSIP”) is the result of the Cybersecurity Sprint, and incorporates
progress reporting and corrective actions that are ongoing.
The CSIP is the result of a comprehensive review of the Federal Government’s cybersecurity
policies, procedures, and practices by the Sprint Team. The goal was to identify and address
critical cybersecurity gaps and emerging priorities, and make specific recommendations to
address those gaps and priorities. The CSIP will strengthen Federal civilian cybersecurity
through the following five objectives: