The Cyberspace Solarium Commission, McCrary Institute, and others provide long lists of initiatives they recommend for the next administration. They tend to be bureaucratic. Stand up this new organization, draft this document, study this issue, … A lot of the Cyberspace Solarium Commission recommendations drove Biden Administration actions and the National Cyber Strategy and Implementation Plan.
In May of this year, the Biden Administration announced Version 2 of the Implementation Plan and that 33 of 36 (92%) Version 1 initiatives have been completed.
92% is impressive, but did it check a box or achieve the desired results?
We don’t know. The desired results were never decided, documented or measured.
Leaning back on Peter Drucker:
Whenever executives make an important decision, they put down in writing what results are expected and when.
Record what you expect the results to be of every key action or key decision you take, and then compare actual results nine months or a year later to your expectations.
The Effective Executive by Peter Drucker
My guidance for the new administration around OT cybersecurity is to follow one simple rule:
Document and publish what metric(s) you will use to measure the success of each project or program, and what your expectation is for that metric in 1, 2, and 3 years.
Sign up for my ICS Security: Friday News & Notes
Photo Credit: AgnosticPreachersKid, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons
The post Election 2024 – Simple Guidance For The Next Administration appeared first on Dale Peterson: ICS Security Catalyst.