[20170213]IF10602_网络安全：联邦机构角色.pdf

https:/crsreports.congress.gov February 13, 2017Cybersecurity: Federal Agency RolesThe federal role in cybersecurity involves both securing federal information systems and assisting in protecting nonfederal systems. All federal agencies are responsible for protecting their own systems, and many have sector-specific responsibilities for critical infrastructure (CI). A simplified overview of major roles is presented in Figure 1 and the text below. Because of factors such as the continuing evolution of both cyberspace and agency roles, the distribution of responsibilities is more complex and ambiguous than what is presented here, with a number of unresolved issues. Figure 1. Federal Agency Roles in Cybersecurity Source: CRS. Note: See text for abbreviations. All agencies. Under the Federal Information Security Modernization Act (FISMA, 44 U.S.C. 3551 ff), each agency head must provide through the agency Chief Information Officer (CIO) for the protection of agency information systems in accordance with federal requirements, including establishment of an agency information security program. OMBOffice of Management and Budget. In addition to its budgetary role, this White House office i