Streamlining operations for federal effectiveness: Strategies to counter third-party dangers and internal security breaches
In the ever-evolving landscape of cybersecurity, federal agencies are grappling with a myriad of issues, from insider threats to third-party vulnerabilities. As budget constraints and hiring freezes loom, the focus remains on maintaining critical cybersecurity standards while adopting a leaner, less centralised compliance environment.
The Trump administration's June 2025 Executive Order on cybersecurity has revised prior policies, emphasising AI-cyber convergence, secure software development, and addressing foreign threats. Agencies are still required to adhere to NIST standards, which govern software and technology acquisition, security testing, and compliance, addressing third-party and supply chain vulnerabilities more effectively.
The administration's policy favours decentralising cybersecurity responsibilities to federal agencies and defence contractors with a streamlined compliance framework. This approach includes maintaining oversight for AI-related vulnerabilities and incorporating them into broader interagency vulnerability management protocols. However, recent budget cuts have led to significant workforce reductions, diminishing federal support programs that previously provided critical infrastructure assistance.
Agencies like the OCC emphasise operational resilience by establishing supervisory frameworks, risk management controls, and continuous coordination with regulatory and industry partners. The government continues to issue cybersecurity warnings to critical infrastructure operators, highlighting ongoing risks from insider threats and external adversaries.
Financial gain is the leading motive for malicious insiders, but espionage and personal grudges also play a significant role. Unintentional insider threats can result from security policy violations and human error. To address these risks, there is a strategic push to adopt artificial intelligence across the federal government, potentially expanding risks from new third-party software and AI.
In March, the National Institute of Standards and Technology released guidelines to address AI risks, detailing threat and mitigation strategies. Government agencies must identify their most critical systems and data to begin addressing insider threats and third-party risks. Employees who feel negatively impacted by organisational changes are more susceptible to recruitment or manipulation by external threat actors.
Addressing these cyber risks is about helping agencies achieve their missions and build cyber resilience. Organisations should consult with legal and compliance professionals to ensure their cybersecurity strategies meet all applicable federal, state, and international requirements. It's critical that the federal government plans for and builds in mitigations for different types of motives and outcomes that cybercriminals want to achieve.
The federal government must focus on the motive of the threat actor, not just the tools they use once they have access. This article is for informational purposes only and does not constitute business or legal advice. The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of Rubrik.
Insider threats pose risks to national security and operational aspects of government agencies. As the government navigates new initiatives on efficiency and cybersecurity executive orders, it's crucial to remember that insider threats and cyberattacks against third-party vulnerabilities will continue to wreak havoc across government. Budget constraints and acquisition processes must keep up with the rapid pace of technological change in the strategic planning process.
[1] Executive Order on Improving the Nation's Cybersecurity, The White House, June 2025. [2] Memorandum for the Heads of Executive Departments and Agencies: Modernizing Federal Cybersecurity, The White House, June 2025. [3] Supervisory Guidance on Model Risk Management, OCC, 2025. [4] Federal Cybersecurity Workforce Reductions: Implications for Critical Infrastructure Protection, GAO, 2025. [5] Joint Cybersecurity Advisory - Insider Threats, CISA, 2025.
- The Trump administration's Executive Order from June 2025 aims to reimagine the federal workforce's cybersecurity approach, focusing on AI-cyber convergence, secure software development, and foreign threats, while adopting a more decentralized compliance framework.
- Policy and legislation, such as the revised June 2025 Executive Order on cybersecurity and the Memorandum for the Heads of Executive Departments and Agencies: Modernizing Federal Cybersecurity, seek to address the challenges faced by federal agencies in maintaining cybersecurity standards amid budget cuts and workforce reductions.
- Input from legal and compliance professionals is crucial for government agencies to ensure their data-and-cloud-computing, technology, and policy adherence complies with all relevant federal, state, and international requirements in the face of increasing threats, including cybersecurity, budget cuts, and workforce reimagining.
- With budget cuts resulting in workforce reductions, general news outlets have noted implications for critical infrastructure protection, as agencies like the OCC focus on operational resilience and risk management in response to insider threats, third-party vulnerabilities, and ongoing risks from insider threats and external adversaries.
