by Eugenio Rivera

The Continuous Diagnostic and Mitigation (CDM) Program, launched in 2013, allows federal agencies to scrutinize their information technology (IT) systems and react almost instantaneously to vulnerabilities. It empowers agencies to identify and prioritize risks and allows cybersecurity personnel to address the most important challenges first. The CDM Program makes available standard tools, hardware, software and services that agencies can access via a central account. The Department of Homeland Security (DHS) manages the CDM Program in collaboration with the General Services Administration.

Federal systems encounter large and wide-ranging cyber threats that fluctuate from ingenious hackers to technically competent impostors using state-of-the-art meddling techniques. Because many mischievous incidents take information and intrude, obstruct, damage or destroy critical information systems, it’s important to toughen the security stance of these networks. The CDM Program’s purpose is to protect government IT networks from cybersecurity perils by providing nonstop monitoring, discovery, analysis, alleviation tools and Continuous Monitoring as a Service (CMaaS). Notably, the CDM Program makes these goods and services available to state, regional, local and tribal federal governments, too, so that they can enhance and further automate their existing continuous network.

Implementing Continuous Monitoring to Combat the Nation’s Cyber Threat

The CDM Program exists to strengthen the cybersecurity of all civilian federal government information networks by providing resources that deliver appropriate, prompt and actionable information. Under the CDM Program, all federal civilian organizations have access to constant censoring devices, analysis, alleviation tools, consoles and CMaaS to bolster the security posture of their networks.

The CDM Program consists of four phases: What is on the network? Who is on the network? What is happening on the network? and How is data protected? Essentially, Phases 1 and 2 concentrate on understanding what systems are attached to the network and who has the right to use those systems, while Phases 3 and 4 focus on network activity and data security.

Federal Dashboard Update

The federal government isn't frequently held up as a model for IT development and performance. However, the CDM Program exemplifies a policy ruling that is producing results. It provides civilian federal agencies a practical, cost-efficient way to modernize their cybersecurity posture by providing them the means to identify cybersecurity risks on a continuous basis, prioritize these risks based on potential impacts and address the most significant risks first.

As a result of the CFO (Chief Financial Officer) Act, organizations now have cybersecurity risk control panels that feed into a federal dashboard, making vulnerability management a top priority. The console provides DHS an enterprise-wide view of  real-time threats throughout the government. In conjunction with NIST SP 800-137 “Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations,” which offers agencies a strategy for developing and implementing a continuous monitoring program, the CDM Program offers a practical and effective means of hardening the government’s cybersecurity efforts.

Where Is the CDM Program Going in 2019 and Beyond?

2019 is an important year for the CDM Program. More agencies will implement the tools it offers, and DHS will roll out new ones to heighten government IT security. 

The term “phase” will be replaced by “stage” in order to communicate a unified view of the cybersecurity process as a whole and eliminate the perception that implementation is a sequential effort. The stages are as follows: Stage 1 is Asset Management; Stage 2 is Identity and Access Management; Stage 3 is Network Security Management; and Stage 4 is Data Protection Management.

Over the next two years, the CDM Program will concentrate on establishing its latest risk recording system, transitioning less important agencies onto a mutual services platform and making program information more valuable and actionable for federal agencies and managers.

Eugenio Rivera is an Identity Access Management SME who works within the Office of Comptroller & Currency in Washington, DC and manages the CDM Program, including CyberArk and SailPoint.