Using the Department of Homeland Security’s new Continuous Diagnostics and Mitigation contract to strengthen cybersecurity promises not only to eliminate the vast majority of cyber attacks on government computers but also to save a lot of money.
John Streufert, director of federal network resilience at DHS, told an audience at Federal Times’ “The Next Chapter in Federal Cybersecurity” that 85% of cyber attacks could be stopped by implementing just a handful of security measures.
According to a 2013 report by the Center for Strategic and International Studies, he said, three-quarters of the attacks target known vulnerabilities, and 90% of those attacks use simple hacking techniques that are thwarted by simple network hygiene.
Just as important in the current fiscal climate, using the automated tools available through the CDM vehicle will save significant amounts of money and labor. The manual process for generating required reports creates 7,200 reports every three months, he said. The first task order, which was issued in January, resulted in budget avoidance of $26 million.
As for manpower savings, Streufert said he sent his operations researcher to look at past years of reports. He estimated that if they were stacked in a single pile, “it would be 438 feet high – two-thirds of the Washington Monument annually.”
The good news is that agencies have responded to the availability of the new cybersecurity contract. He said there are now more than 47 memoranda of understanding (MOUs), covering 96% of government systems and all 23 of the most critical agencies.
“A number of the largest cabinet departments and agencies have very sophisticated [centers] for evaluating events. For those, CDM is adding a bit of [services] and some tools” to raise them to a higher level, Streufert said.
“We can respond to exploits at close to network speeds,” he said.
The contract can really make a difference for a host of smaller agencies. It can be used by civilian agencies, the Defense Department, the defense industrial base, state and local governments, and tribal governments – 25 million users, in all, he said.
The first task order concentrated on providing tools to address long-standing security issues, such as patch management and controlling the number of individuals with administrative privileges. The second and third task orders will focus much more on security for cloud and mobile computing.
“There are a broad range of initiatives across the government on mobile,” he said, including “how to do identity management on mobile devices.”