Information Systems and Cybersecurity – Annual Report 2018
The Judiciary is committed to maintaining secure, robust, and flexible technology systems that meet the changing needs of judges, court staff, and the public.
Cybersecurity Remains a High Priority
The Judiciary has taken steps in recent years to counter a range of threats posed by hacking, computer viruses, and other malicious acts. Assisting courts with their cybersecurity needs is a top priority of the Administrative Office of the U.S. Courts (AO). A multi-faceted effort to protect the Judiciary’s IT systems continued in 2018. Mandatory security assessments by independent experts were either completed, underway, or scheduled for all courts. The goal is to evaluate management, technical, and operational safeguards. An independent assessment will be conducted in each court at least once every five years.
The federal courts began conducting comprehensive self-assessments in 2017 to identify vulnerabilities and the resources to address them. After completing the initial round of self-assessments in the first year of the program, the courts are continuing to do them annually. Gathering consistent, comparable data annually will enable informed, risk-based decisions.
Beginning in 2018, the Judiciary’s national IT systems were also undergoing regular security assessments, including the CM/ECF system, which is the Case Management and Electronic Case Files system used Judiciary-wide to store and manage court case files. Assessments were scheduled on a recurring basis in accordance with a risk-based determination of their priority. High-priority systems will be assessed once every three years, moderate-priority systems once every five years, and low-priority systems every seven years, with assessments planned and scheduled through fiscal year 2025.
Adopting Tools to Increase Collaboration and Efficiency
In early 2018, the AO began the process of adopting SharePoint Online, a web-based collaboration and communications platform that can foster increased collaboration, productivity, and efficiency among the federal courts and their staffs. The platform will allow employees across the Judiciary to share content online easily, including electronic documents, photos, and drawings. The content can be accessed with a standard web browser, and because it’s hosted in the cloud, it can be accessed anywhere, on any device, at any time. SharePoint Online will be rolled out to all courts after a period of testing, developing a protocol that incorporates the imperative of local court decisions, and standardizing nomenclature so courts can identify and locate documents shared by other courts. A few courts will take part in an initial pilot project.
Planning for the Future
A group of nearly 50 judges, court unit executives, court technical staff, and AO IT managers held tactical planning sessions to guide the Judiciary’s national IT program into the future. Main areas of focus were cybersecurity and secure mobility, situational awareness, technical standards, access management, cloud technology, and training. The group identified initiatives that could be launched over the next three years. Resource requirements will be incorporated into the Judiciary’s budget requests to Congress.