CDM Hits Phase Three: Determining What is Happening on the Network

The Continuous Diagnostics and Mitigation (CDM) program, led by the Department of Homeland Security, was designed to fortify the cybersecurity of government networks and systems with capabilities and tools that identify risks on an ongoing basis, prioritize these risks based on potential impacts, and enable personnel to mitigate the most significant problems first. The program was rolled out in phases with phases one and two pretty much complete across government.

Now that agencies know what and who is on their network, they need to move onto phase three - what is happening on the network. This involves installing and managing the network and perimeter security measures. Given that the perimeter now includes mobile devices, securing those devices and the way they access the network is critical to meeting CDM goals. Currently,agencies are mapping out mobile connections at the agency level, and the networks with which agencies are regularly interacting.

As agencies and contractors alike work through the phase three tasks that include more extensive and dynamic monitoring of security controls, there are a number of upcoming events that can guide them on both the security and mobile fronts.

• RSA FederalSummit (January 24, 2019; Washington, DC) - This summit will discuss the ecosystem of IT Modernization within the Federal Government with an eye toward mandates and legislation affecting how and when technologies are implemented.
• CDM and Eggs (February 21, 2019;Washington, DC) - This breakfast event (hence the "Eggs" in the title) is a government-only roundtable breakfast to discuss the path forward for the CDM program. The discussion will focus on how the CDM program will expand its capabilities beyond the perimeter in FY19.
• 6th Annual ISSAC COS Cyber Focus Day (March 28, 2019; Colorado Springs, CO) -Hosted by the Information Systems Security Association (ISSA) - Colorado Springs Chapter, this event will feature informative sessions presented by government and industry addressing the latest trends and best practicesi n cybersecurity.
• CybersecurityLeadership Forum (April 4, 2019;Arlington, VA) -- This forum brings together leaders from across government to share what is working today and what they are focused on next when it comes to protecting our nation, our citizens and our critical assets. Experts represent a spectrum of cyber situations and risks, including CDM, data analytics, insider threats, andcloud security, providing context and clarity to the mission of protecting your organization.
• TechNet Cyber (May 14-16, 2019;Baltimore, MD) - This event brings together military,industry, and academia to discuss and plan how to achieve persistent engagement, persistent presence, and persistent innovation regarding cyber readiness.
• Cybersecurity Conference and Expo (May 23, 2019; Washington, DC) - The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. This event will explore today's cyber threats and offer an opportunity for those supporting government security initiatives to collaborate on how to detect, protect, and respond to these challenges.

Let us know where you are getting your information on CDM and share your events in the comments.