Using Data to Fortify Network Defenses

One Cybersecurity and Infrastructure Security Agency (CISA) program that has been widely adopted throughout the federal government also is one of its longest-established – the Continuous Diagnostics and Mitigation (CDM) program. Introduced in 2012, the program provides a dynamic approach to strengthening the cybersecurity of government networks and systems.

The program has evolved over the past decade to add new capabilities, including cybersecurity tools, integration services, and dashboards that help participating agencies improve their security posture. By utilizing the program, agencies can reduce their threat surface, increase visibility into the overall federal cybersecurity posture, improve federal response capabilities, and streamline Federal Information Security Modernization Act (FISMA) reporting. Just this year, CISA announced that all 23 departments and agencies covered by the CFO Act are now sharing cyber risk information with CISA through their CDM agency dashboards.

Learning Objectives:

• Outline the impact of issues such as visibility and scalability on the effectiveness of legacy CDM solutions
• Delineate the timely information provided by current CDM dashboards
• Identify the metrics used to measure the effectiveness of CDM tools in mitigating cyber risks
• Review the components and tools that have been added to the CISA CDM program