Government networks are targets of constant cyberattacks, putting data and availability at risk. To strengthen defenses, the Homeland Security Department (DHS) established the CDM Program.
Short for Continuous Diagnostics and Mitigation, CDM provides DHS and federal agencies with tools and techniques to continuously identify and prioritize cybersecurity risks so they can tackle the most critical threats first.
The program is designed to use many different off-the-shelf tools, which are pre-approved by DHS and available from the General Services Administration (GSA), to monitor networks for suspicious activity and analyze the results.
In the end, CDM will greatly reduce your agency’s network vulnerabilities, give you an accurate picture of how well your defenses are working and help you respond to cybersecurity threats more quickly and efficiently.
To do this, the CDM Program focuses on five key areas of capability: asset management, identity and access management, network security management, data protection management and dashboards.
- Asset management watches over what is on the network. This area includes device and software control, security configuration settings and software vulnerabilities.
- Identity and access management looks at who is on the network. This means ensuring only authorized users can access accounts and limiting what they can see and do on the network. Security awareness training also comes into play.
- Network security management looks at what is happening on the network. From the edge of the network to the core, network security management monitors servers, workstations, and all kinds of devices. It also keeps tabs on data, whether in storage or moving across the network.
- Data protection management addresses how data is protected. In addition to common data protection methods, this area also involves data discovery and classification, data loss prevention, data breach mitigation and information rights management.
- Finally, dashboards display security information gathered from CDM tools. A dashboard is a graphical user interface that provides at-a-glance views of all kinds of metrics and performance indicators. Using the dashboards lets you visualize your agency’s security posture, which means its status of strengths and weaknesses, as well as compare it to other agencies.
How will all of this be accomplished? Through services collectively known as Dynamic and Evolving Federal Enterprise Network Defense, or DEFEND. Several companies are approved to provide DEFEND services via task orders managed by DHS. You’ll hear more about DEFEND, and how it works, as you pursue your CDM initiative.
This article is part of GovLoop’s recent course, “Manage Cybersecurity Threats With the CDM Dashboard Ecosystem,” created in partnership with Elastic. Access the full course here.