Steve Caimi, Industry Solutions Specialist for Sourcefire (now part of Cisco), spoke with us about the opportunity which CDM presents, and how Sourcefire can help agencies prepare. To learn more about CDM, please download and view our guide.
The Continuous Diagnostic and Mitigation (CDM) program is a step in the right direction. The program will ultimately improve the way government assesses, mitigates and combats cyber attacks in a diverse landscape. With help from DHS, CDM enables government entities to decrease known cyber risks and flaws by expanding their continuous diagnostic capabilities. The CDM program is helping agencies improve their cybersecurity preparedness by:
- Strategically sourcing tools and continuous monitoring as a service (CMaaS) solutions
- Improving visibility of network vulnerabilities, risks and flaws
- Mitigating and identifying flaws at near-network speed
- Supporting efforts to provide adequate, risk-based, and cost-effective security solutions
CDM will help agencies procure commercial off-the-shelf (COTS) continuous monitoring solutions. First, the Department of Homeland Security (DHS) will help an agency set up the proper sensors to conduct an automated search for cyber flaws. The results will feed into a local dashboard, which can export customized reports. The reports can then alert network managers to the most critical flaws and risks, based on weighted scores. Administrators will receive prioritized alerts to help them allocate resources to mitigate flaws. Finally, progress will be tracked through dashboards and can be compared among department and agency networks, which will help improve the shared risk of each department. Caimi identified four ways that CDM is improving the cybersecurity posture of agencies:
1. Visibility: One of the first things is visibility. If you look at the first phase of CDM for example, it’s about things like hardware and software asset management and that speaks to knowing what is out there. How many federal agencies don’t even know what systems are out there and deployed? So with the right capabilities, getting visibility into what’s out there, you know applications, you know operating systems are running, and with the right sense for the right dashboards, real time information, that provides a real opportunity for unmatched visibility. That’s probably one of the first things we point out as a real opportunity. The way you see everything with the right context in order to make these informed decisions.
2. Consistent Control: Once you know what’s out there, then it’s about consistent control. You have to create consistent policies across the network, into the data center and across applications. So this gives a real opportunity to drive consistency through control platforms and automation. And those kinds of things provide agencies and the departments in agencies real opportunities to lower operational risk, and to fix some of the worst problems first. So that idea of consistent control is a real opportunity [with CDM].
3. Advanced Threat Protection: The spirit of [CDM] is based on the fact that we have to protect against today’s threats. Today if attacks are happening at lightning speed, we have things like advanced malware, we have advanced persistent threats that are occurring. We know threats are going to continue to occur whether they come from the inside or from the outside, so the right types of solutions present a real opportunity for federal agencies to do a far better job of protecting [against attacks], and really achieving the true spirit of CDM.
4. Complexity reduction: [CDM] gives a real opportunity to reduce the complexity in the federal departments and agencies, and this complexity reduction not only lets us react faster, but it also allows the security team to focus on higher value type activities. With the right CDM solutions, not only can agencies adapt to changing dynamics, but also can make all the solutions work together.
These four elements are changing the way that agencies deliver services and remain secure. In the long run, the CDM program will be expanded from the basic diagnostic and mitigation capabilities, to protecting custom software that government agencies are creating.
“In a small way, we hope that as this program goes forward, that we’re going to have a tool that will ultimately benefit everyone in the organization as well as taxpayers and businesses that interact with the government,” said John Streufert, Director, Federal Network Resilience at US Department of Homeland Security, in GovLoop’s CDM report. “They’ll sleep better at night knowing that their information is safer.”
Focused on its mission to be the leader in intelligent cybersecurity solutions, Sourcefire is transforming the way mid- to large-size organizations and government agencies manage and minimize network security risks. With solutions from a next-generation network security platform to advanced malware protection, Sourcefire provides customers with Agile Security® that is as dynamic as the real world it protects and the attackers against which it defends.