Above diagram shows how DHS’ CDM program will work. CLICK TO ENLARGE
Government needs to become more agile and efficient in the way it combats cyberthreats. CDM is a step in the right direction.
Cybersecurity is a preeminent concern for government officials. In today’s world, it’s imperative that government protects our critical infrastructure to preserve our physical and economic security. To do so, cyber professionals must obtain real-time visibility of networks, improve ability to mitigate known flaws and decrease security risks by reducing their vulnerabilities.
That’s why the Continuous Diagnostic and Mitigation (CDM) program, which enables government entities to decrease known cyber risks and flaws by expanding their continuous diagnostic capabilities, is so important. CDM is poised to have a tremendous effect on government by changing the way agencies combat cyberthreats and improve cybersecurity preparedness. The program does this by:
- Strategically sourcing tools and continuous-monitoring-as-a-service (CMaaS) solutions.
- Improving visibility of network vulnerabilities, risks and flaws.
- Mitigating and identifying flaws at near-network speed.
- Supporting efforts to provide adequate, risk-based and cost-effective security solutions.
CDM will help agencies procure commercial continuous monitoring solutions. First, the Homeland Security Department, which established the program, will help an agency set up the proper sensors to conduct an automated search for cyber flaws. The results will feed into a local dashboard and export customized reports. The reports can then alert network managers to the most critical flaws and risks based on weighted scores. Administrators will receive prioritized alerts to help allocate resources to mitigate flaws. Finally, progress will be tracked through dashboards and can be compared among department and agency networks, which will help improve the shared risk of each department.
Although new technology continues to enter the marketplace to make life easier, it also leads to increased security risks. Technology trends such as the Internet of Things, mobile and cloud computing have helped meet the public sector’s growing and multifaceted needs. At the same time, this dynamic has led to conflicting interests and added complexity. On one hand, agencies must leverage new technology to meet demand. On the other, technology must be deployed safely and securely to protect data and confidential information.
For more information on the CDM process and to view some interesting statistics and content, you can download “The Continuous Diagnostic & Mitigation Program Field Guide” Report for FREE.
Patrick Fiorenza is a Senior Research Analyst at GovLoop which strives to connect government to improve government. He can be reached at pat@govloop.com.
