To improve the federal government’s cybersecurity posture, the Department of Homeland Security created the Continuous Diagnostics and Mitigation (CDM) program. On September 6, the House of Representatives voted to codify CDM, and barely two weeks later, the White House’s National Cyber Strategy assigned to DHS still more authority over cybersecurity in the United States. What’s more, government contractors are winning 9- and 10-figure CDM contracts, so it’s clear that CDM’s time has come.
What is CDM? Well, it’s a major DHS program that lets federal agencies – including DHS itself – identify and monitor risk continuously, and to detect and respond to threats in real time. It also provides a structured approach to security in clear-cut phases:
1. Who’s on the network?
2. What’s happening on the network?
3. How is data protected?
We are in Phase 3 now, and Phase 4 is not far away—time to get ready. At your agency, can your network and perimeter components – virtual and physical – truly tell you “What’s happening on the network?” Do you have the tools to detect incidents, and to hunt for threats? Can you monitor user behavior, and respond automatically to suspicious events? Have you identified your high-value assets – in concert with the May 2017 Executive Order – to anticipate encryption needs and lay the groundwork for data loss protection (DLP)? How well and how automatically does your agency respond to security incidents? Can you correlate information from multiple sources and draw intelligent inferences to find attackers – in real time, or after the fact? Do you consume threat information from multiple sources to optimize response?
Monitoring your network, detecting threats and mitigating intrusions, and clearly identifying the location and flow of critical data—all of these are key facets of CDM phases 3 and 4. DLT’s cybersecurity product line can help you answer these questions, and keep you up-to-date with current and future CDM phases.