HHS supports strategies to ensure the security of HHS facilities, technology, data, and information, while advancing environment-friendly practices. HHS is focused on shifting the culture of data use across the enterprise to maximize the power of data. The Department is leveraging modernization as a gateway to strengthened cybersecurity and enhanced risk management. HHS also captures and applies lessons learned from real-world experiences to strengthen operational resilience. Below is a selection of strategies HHS is implementing.
Contributing OpDivs and StaffDivs
All OpDivs and StaffDivs contribute to achievement of this objective.
Strategies
Strategically shift the culture of data use across the enterprise towards sharing data to maximize the power of data
- Evaluate the behaviors, risk-framework, and incentive structure around data sharing and increase the value of data to be an enterprise-level asset for the Department.
- Advance effective data management and ethical data use across the Department by addressing essential elements related to data integrity, quality, privacy, and security.
- Create and utilize strategic frameworks for the trustworthy and ethical deployment of artificial intelligence and machine learning solutions across the Department.
Leverage HHS modernization as a gateway to strengthened cybersecurity and enhanced risk management
- Modernize legacy information technology infrastructure, processes, and systems and deploying emerging technologies, such as artificial intelligence and machine learning, and zero trust to drive greater operational visibility into potential vulnerabilities across the Department.
- Align information security risk management and information technology modernization efforts with enterprise risk management by sharing opportunities and risks among information security and privacy, information technology, and other management disciplines, which will help HHS to ensure that information security and information technology modernization initiatives directly support mission priorities and HHS stakeholders, and consistently meet mandated requirements.
- Continually improve staff awareness of HHS risk posture and cybersecurity threats through awareness programs.
Capture and apply lessons learned from real-world experiences to strengthen operational resilience and continuity to deliver the HHS mission
- Ensure the continuity of government by protecting employees and safeguarding HHS physical and digital assets during natural or man-made events through viable Continuity of Operations and Occupant Emergency Plans.
- Implement best practice security measures when modernizing and remodeling workspaces.
- Strategically hire, train, equip and empower the appropriate workforce charged with ensuring the safety and security for all HHS employees, visitors, and assets.
