When the Office of Management and Budget (OMB) released the President’s Management Agenda (PMA) on December 8, it set a clear expectation that the federal government must deliver better outcomes with greater efficiency. This PMA places responsibility on agencies to eliminate waste, strengthen accountability, and deliver results with the discipline expected of a high-performing enterprise.

In the months ahead, agencies will see new Cross-Agency Priority (CAP) goals connected directly to these expectations. In cybersecurity, that shift will be especially visible. Future goals will not only measure whether agencies have deployed modern, cost-efficient tools—they will assess whether those tools are improving outcomes, reducing operational burden, and lowering cost.

To meet CAP goals for “defend against and persistently combat cyber enemies,” agencies will need measures that track real-world outcomes: faster detection, reduced intrusion volume, and tangible improvements in analyst workload.

AI-native companies like Abnormal AI operate with the understanding that threats evolve daily and that defensive systems must evolve with them. In the email space, we’ve observed a near doubling of AI-generated email attacks within the past 18 months. These patterns shift quickly; traditional rule-based systems struggle to keep pace; and success hinges on whether architectures are built for deployment.

Email remains a consistently exploited vector in nation-state operations. To see how these tactics have evolved, this timeline traces the progression of email-based campaigns carried out by Chinese APT groups.

The PMA’s call to “eliminate data silos” is not simply an efficiency directive; it is a recognition that agencies cannot defend effectively if relevant data is trapped inside organizational boundaries or legacy systems. The objective is not consolidation for its own sake but could reflect the administration’s desire to enable AI to operate at the speed modern threats demand. To reduce duplicative effort and unnecessary workload—the explicit goals of the PMA—data must be treated as an enterprise asset.

To succeed, agencies must normalize data sharing across components and across the federal enterprise. For years, the government has relied on voluntary collaboration and episodic information sharing, but that model no longer matches the speed of today’s threats. Agencies should be expected to leverage shared data to detect and disrupt risks that evolve far faster than any single organization can track alone.As CAP goals take shape, useful metrics could include adoption of shared services, such as those offered by the Cybersecurity and Infrastructure Security Agency (CISA), and the degree to which each agency component contributes high-quality telemetry to government-wide dashboards. These measures show not only that agencies are managing their own risks, but that they are strengthening the federal enterprise as a whole.

Outcome-driven performance measurement will define the next phase of federal modernization. Agencies that can show measurable improvements—fewer incidents, faster triage, reduced analyst hours, clearer decision intelligence—will be well positioned for future CAP goals.

In cybersecurity, this will mean demonstrating how AI reduces incident volume, accelerates triage, and shifts human time toward higher-value investigative work. This is a direct response to the PMA’s emphasis on reducing unnecessary positions and using the workforce more strategically. In mission operations, it will mean showing reductions in backlogs and improvements to adjudication speed.

The federal government will be better positioned for future CAP goals if it enables architecture and data choices that enable fast results and better decision making. In the search for such solutions, agencies should look for platforms that centralize data because they outperform fragmented environments. And those that are purpose-built for specific problems because they outperform generalized tools that agencies must heavily customize.

Agencies do not need to wait for CAP goals to begin aligning to the PMA’s expectations. They can start by adopting practices that mirror how high-performing organizations modernize operations.

1. Identify one mission or workflow where efficiency can be measured today.
   Pick a workflow and measure current performance: time spent, steps involved, approvals required, FTE hours, etc can serve as indicators. This becomes the baseline for outcome-based improvement.
2. Establish cross-functional “outcome teams” for priority workflows.
   Blend mission owners, procurement, legal, and finance teams into a single team accountable for improving a specific operational outcome. This mirrors how high-performance companies accelerate change and enables a “win” for multiple teams.
3. Build an internal inventory of redundant or low-value processes.
   Identify processes that consume time but do not improve mission performance. Many agencies already know these exist but have never formally catalogued them. This list becomes a roadmap for simplification as CAP goals tighten expectations.

The PMA has set the destination: a government that delivers results efficiently and defends the nation against modern threats. The work for agencies in 2026 is to begin aligning to that future by identifying operational redundancies, strategically consolidating data, and establishing quantifiable metrics that reflect both security impact and workforce efficiency. These steps will help ensure agencies are prepared not only for future CAP goals but for the operational realities of 2026 and beyond.

Interested in learning more about how Abnormal AI can protect your agency? Schedule a demo today!