The Continuous Diagnostics and Mitigation (CDM) Program provides an active approach to fortifying the cybersecurity of government networks and systems. The CDM Program delivers cybersecurity tools, integration services, and dashboards that help participating agencies improve their security posture by:
- Reducing agency threat surface
- Increasing visibility into the federal cybersecurity posture
- Improving federal cybersecurity response capabilities
- Streamlining Federal Information Security Modernization Act (FISMA) reporting
The CDM Program was developed in 2012 to support government-wide and agency-specific efforts to provide risk-based, consistent, and cost-efficient cybersecurity solutions to protect federal civilian networks across all organizational tiers.
To learn more, read the CDM Program Overview fact sheet.
Learn more about CDM’s capabilities and how the program works in this introductory video.
CDM Solutions for Federal Agencies
The CDM Program helps federal civilian agencies better understand and improve their network defense strategies.
When agencies first began using CDM tools, they discovered that their networks contained more endpoints (for example, routers, laptops, PCs) than they had initially estimated, and in some cases the increase was 200% more. By implementing CDM capabilities, agencies are better equipped to address vulnerabilities due to huge improvements in situational awareness across their networks.
The CDM Program equips agencies with tools and capabilities that provide the following benefits:
- Increased automation to identify assets
- Improved accuracy, reporting, risk management decision making, and incident response
- Enhanced near real-time monitoring and risk response
- Improved oversight and awareness
- Fewer resources needed to acquire network systems, perform cyber monitoring, and conduct threat remediation efforts
- Centralized funding for agencies to procure CDM automated tools
- Streamlined compliance with FISMA and other federal cybersecurity mandates and initiatives
- Improved visibility and situational awareness within agencies and across the Federal Government
CDM Success Stories
CDM helps federal agencies manage information technology (IT) security and further their programmatic missions:
The Small Business Administration (SBA) used CDM services and tools to quickly scale up and secure its IT infrastructure to deploy capabilities made possible through distribution of CARES Act funds and support economically-impacted business owners as the COVID-19 pandemic was gripping the nation. Please click here to read the full Small Business Administration success story.
“Without this hold from CDM, we would have struggled. Rather, we gained extra terror intelligence and a functional rise we needed in the short-run, and for the long-run we have gained foundational improvements that will enhance our systems well into the future.” – SBA CISO
The Department of Health and Human Services (HHS) worked with CDM to promptly address heightened concern about pandemic-related data security by strengthening its cybersecurity threat intelligence and response mechanisms. Please click here to read the full Department of Health and Human Services success story.
“The CDM course of study gave us every resource we needed to defend the department while working on a vaccine to help the American English public.” – HHS CISO
The Cybersecurity and Infrastructure Security Agency (CISA) deployed an industry-leading privileged access management (PAM) tool as part of its CDM implementation to transition the 30 disparate information systems it managed into a cohesive enterprise-wide approach. With this tool, CISA’s security operations team found an effective solution for the results they desired and gained visibility and enhanced security throughout their organization.
Please click here to read the full Cybersecurity and Infrastructure Security Agency success story.
“I’m a big advocate of automation in IT security, rather than relying on people. Machines don’t have good days and bad days.” – CISA Associate Chief of Security Operations
CDM Capabilities
The CDM Program delivers capabilities in four areas:
Asset Management | What is on the network?
Managing “what is on the network?” helps agencies monitor devices on their network. Asset Management includes four functional areas:
- Hardware asset management
- Software asset management
- Configuration settings management
- Software vulnerability management
- Enterprise mobility management
To learn more, read the CDM Asset Management capability fact sheet.
Identity and Access Management | Who is on the network?
Managing “who is on the network?” helps agencies monitor who uses their networks and what kind of access and privileges those users have. Identity and Access Management includes four integrated functional areas:
- Account/access/managed privileges
- Trust determination for people granted access
- Credentials and authentication
- Security-related behavioral training
To learn more, read the CDM Identity and Access Management capability fact sheet.
Network Security Management | What is happening on the network? How is the network protected?
Managing “what is happening on the network?” and “how is the network protected?” helps agencies protect against hacking, misuse, and unauthorized changes to internal and external boundary defenses. This capability protects agency systems by increasing visibility of:
- Network behavior
- Firewall traffic
- Encrypted and decrypted data
- Virtual private network connections
- Ports and protocols
To learn more, read the CDM Network Security Management capability fact sheet.
Data Protection Management | How is data protected?
Managing “how is data protected?” helps agencies protect highly sensitive data (especially data with personally identifiable information) on their networks through five sub-capabilities:
- Data discovery and classification
- Data protection
- Data loss prevention
- Data breach/spillage mitigation
- Information rights management
To learn more, read the CDM Data Protection Management capability fact sheet.
CDM Agency and Federal Dashboards
CDM Agency Dashboards receive, aggregate, and display information from CDM tools on agency networks and then push summarized information for display on the CDM Federal Dashboard.
- The CDM Agency Dashboard displays data about devices, users, privileges, and vulnerabilities. This dashboard collects and arranges detailed information on vulnerabilities gathered and provides an object-level view of an agency’s cybersecurity posture.
- The CDM Federal Dashboard gives CISA and the Office of Management and Budget (OMB) visibility across all federal networks to better understand how participating agencies are managing their cyber risk and to ultimately improve cybersecurity across the Federal Government. The information retrieved through this dashboard helps determine if additional resources, guidance, policies, or directives are needed to improve risk management at the agency level.
To learn more, read the CDM Program’s Dashboard Ecosystem fact sheet.
Agency-Wide Adaptive Risk Enumeration (AWARE)
Addressing the Worst Problems First
Agency-Wide Adaptive Risk Enumeration (AWARE) is CDM’s risk-scoring methodology. It provides participating agencies with enhanced situational awareness of cyber risk and enables timely redress of threats and vulnerabilities while addressing the worst problems first.
AWARE addresses a mix of factors affecting cybersecurity, including vulnerability type, how long the vulnerability existed, and where the vulnerability occurs.
Presently, AWARE measures each agency’s overall cybersecurity posture. As AWARE matures, the CDM Program will develop a system-level approach, exploring how each organization within the agency is doing, the FISMA level, and how agencies are performing with a variety of activities such as multifactor authentication and threat intelligence.
Click the video below to learn more:
AWARE: Measuring Cybersecurity Performance
To learn more, read the CDM Program’s AWARE Scoring fact sheet.
Shared Services Platform
The CDM Shared Services Platform extends current capabilities of the existing CDM Program into a delivery model that adheres to the core principles of a shared service. CDM shared services directly support the OMB Chief Information Officer’s Federal Cloud Computing Strategy – Cloud Smart (formerly Cloud First) – and the Federal Information Technology Shared Services Strategy – Shared-First – while also meeting the objectives of the CDM Program.
The CDM Shared Services Platform provides non-CFO Act agencies access to CDM capabilities, leveraging a cost model and access that is tailored to small and micro-agency resource constraints, such as support and staff size. Information from these CDM capabilities is sent first to individual agency dashboards in the shared services environment and is then reported to the CDM Federal Dashboard in summary format.
While using the Shared Services Platform, participating agencies have access to resources that include:
- CDM training sessions
- CDM all-agency meetings
- Incorporation of lessons learned from previous CDM deployments
- Meetings with system integrator(s) to begin deployment planning
Mobile
As more agency employees are connecting their mobile devices to agency networks, cybersecurity risks increase. To address these risks, the CDM Program has a focus on securing mobile assets across the Federal Enterprise. CDM’s Fiscal Year 2021 priorities to achieve this objective include:
- Assisting agencies with enhanced visibility, protections, and management of mobile assets
- Interfacing with agency enterprise mobility management systems, extending the capability where necessary, and enabling comprehensive discovery and reporting of mobile assets to the agency’s CDM Dashboard
- Collaborating with the National Cybersecurity Center of Excellence to research, test, and/or develop emerging mobile capabilities (e.g., mobile threat defense, mobile application vetting)
- Working closely with National Institute of Standards and Technology to update and align with federal guidance
- Participating in technical advisory and leadership roles within the Federal Mobility Group
CDM works with cloud service providers to support agencies that are adopting more cloud-based services and managing IT services and capabilities in these environments. The CDM Program continues to evolve to equip agencies with monitoring tools and capabilities to understand cyber risk in the cloud.
By issuing regular cloud guidance updates, CDM provides users with consistent, government-wide Information Security Continuous Monitoring (ISCM) tools. It also describes the expansion or improvement of capabilities that cloud service providers are adding to their offerings.
CDM Acquisition Strategy
The CDM acquisition strategy provides products and services to federal civilian agencies to meet CDM Program objectives. The acquisition strategy consists of the following components:
- CDM Approved Product List
  The CDM Program’s Approved Products List (APL) is the authoritative catalog for approved products that meet CDM technical requirements. Software and hardware manufacturers and resellers can submit products for consideration monthly. CISA reviews each submission against established CDM Program criteria to validate the seller’s claim that each product meets the requirements for the capability class for which it was submitted.
- CDM Tools Special Item Number (SIN)
  The CDM Tools SIN is retiring in January 2022, but CDM products are tagged on GSA Advantage and available for purchase on IT Schedule 70. More information will be available soon.
- CDM DEFEND Task Orders
  CDM Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) is a series of task orders offering an across-the-board approach for addressing CDM Program requirements. Each DEFEND task order is executed by an industry partner that is responsible for installing and deploying CDM capabilities at federal civilian agencies. DEFEND offers a wide array of benefits, such as providing flexibility to purchase new tools as they are developed and allowing agencies to shorten acquisition timelines by reducing the frequency of recompetes.
Please reach out to csd_cb.acqbudg@cisa.dhs.gov for any CDM acquisition and CDM APL-related questions.
CDM Program Training
The CDM Program offers training opportunities to learn how to manage, monitor, and oversee controls of CDM data and how to report CDM measurements or metrics.
For registration information and to sign up to receive training notifications, email CyberInsights@cisa.dhs.gov.
Resources
CDM Program Video Series
Continuous Diagnostics and Mitigation (CDM) Program: DEFENDing the Nation’s Federal Networks
Learn more about CDM’s capabilities and how the program works in this introductory video featuring CDM Program Manager Kevin Cox.
AWARE: Measuring Cybersecurity Performance
AWARE, a key benefit of CISA’s Continuous Diagnostics and Mitigation (CDM) Program, helps federal civilian agencies to assess the size and scope of their cyber vulnerabilities so they can address the worst problems first. Learn more by viewing the AWARE: Measuring Cybersecurity Performance video.
Fact Sheets
CDM Program Overview – The Continuous Diagnostics and Mitigation (CDM) Program informs CIOs, CISOs, information system security officers, and network administrators on the state of their networks’ cyber posture.
CDM Asset Management capability fact sheet
CDM Identity and Access Management capability fact sheet
CDM Network Security Management capability fact sheet
CDM Data Protection Management capability fact sheet
CDM Dashboard Ecosystem – The CDM Program Dashboard Ecosystem is a collection of complementary tools and services that agencies can use to better understand, prioritize, and mitigate cyber risks.
CDM Program Shared Services Platform – The CDM Shared Services Platform provides non-CFO Act agencies with access to CDM capabilities, leveraging a cost model and approach that is tailored to small and micro-agencies.
CDM Program AWARE Scoring – Agency-Wide Adaptive Risk Enumeration (AWARE) is CDM’s risk-scoring methodology that provides participating agencies with enhanced situational awareness of cyber risk and enables timely redress of threats and vulnerabilities while addressing the worst problems first.
What is .govCAR? – CISA uses the .govCAR methodology to conduct threat-based assessments of cyber capabilities.
Careers with CISA
Are you interested in joining the CISA team? Visit CISA Careers.