The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program has been a key tool for managing cybersecurity risks since Federal employees began maximum telework in March by helping to maintain situational awareness on networks, said Federal CISO Grant Schneider at MeriTalk’s CDM Central: Tales from the Frontlines digital event today.
“We have all CFO Act agencies leveraging CDM. A great number of small and micro agencies are leveraging CDM and really are now able to have far more situational awareness into what is happening on their network, who’s operating on their network, and just have that situational awareness of what their environment looks like and how it’s behaving,” he said.
Schneider also said CISA is working with agencies to expand CDM into the cloud to improve situational awareness further, and with the likelihood that many Federal agencies will continue telework practices to varying degrees once their employees begin to return to office locations.
Critical goals to securing agency networks are protecting data, and managing risk by accounting for where data resides, he said.
“As we look forward on CDM in places that we want CDM to go and the things that we will want to be able to accomplish, part of that is being able to manage our risk is having the data available,” Schneider said. He added that “the ability for the Cybersecurity and Infrastructure Security Agency CISO over at [the Department of Homeland Security] to be able to have government-wide insight is absolutely critical, because the fact that we’re collecting all this data is really useless if we’re not going to do something with it.”
Please visit CDM Central: Tales from the Frontlines for on-demand replays of today’s conference sessions. Then continue the conversation on July 15 at 1:30 p.m. EDT with MeriTalk’s CDM: The Next Chapter webinar that explores our recent survey of government and industry stakeholders to catalog progress and chart the path forward for the program.