A government source familiar with the State Department’s cyber efforts said there were several reasons why the agency pulled the RFI.
“It wasn’t coordinated broadly enough across the department,” said the official, who requested anonymity because they didn’t obtain permission to talk about this topic. “There were certain things in there that were not appropriate for State to be looking at. And the timing was off with Chinese state visit at the end of the month.”
In the RFI, State said it was looking for “specialized cybersecurity experts” who can write a how-to guide for responding to cyber attacks and coordinating offensive cyber activities.
The Federal Times first reported State’s decision to scratch its playbook plans.
The bigger question is why did State back away from what seems like a good idea?
The general concept is a good one — focusing on industry best practices to address cyber challenges.
I wonder if State would’ve called it a cyber “strategy” instead of a “playbook” if the powers-that-be wouldn’t have been concerned and pulled back on the idea?
The playbook concept is fairly new to the government with the Office of Management and Budget introducing one for the digital services. But when you do a search on cyber playbook on The Google, you find Mitre Corp. has a one, Cisco says using this concept helps organize information on a specific subject, such as cyber, and Invotas wrote a blog in June asking what your cyber playbook looks like?