Government needs to become more agile and efficient in the way it combats cyberthreats. Explore our latest guide on the Continuous Diagnostic and Mitigation (CDM) program to learn how.
Patrick Flynn, Director, Homeland/National Security Programs, McAfee Federal Business Development, shared his thoughts on CDM, and how McAfee can help agencies participate in the program.
The Continuous Diagnostic and Mitigation (CDM) program enables government entities to decrease known cyber risks and flaws by expanding their continuous diagnostic capabilities. This program is a critical step in the right direction for government to navigate a complex world. CDM is poised to make a tremendous impact on government, and will change the way agencies combat cyberthreats. The CDM program is helping agencies to improve their cybersecurity preparedness. The program does this by:
- Strategically sourcing tools and continuous monitoring as a service (CMaaS) solutions
- Improving visibility of network vulnerabilities, risks and flaws
- Mitigating and identifying flaws at near-network speed
- Supporting efforts to provide adequate, risk-based, and cost-effective security solutions
CDM will help agencies procure commercial off-the-shelf (COTS) continuous monitoring solutions. First, the Department of Homeland Security (DHS) will help an agency set up the proper sensors to conduct an automated search for cyber flaws. These results will feed into a local dashboard, and export customized reports. The reports can then alert network managers of the most critical flaws and risks, based on weighted scores. Administers will received prioritized alerts to help allocate resources to mitigate flaws. Finally, progress will be tracked through dashboards and can be compared among department and agency networks, which will help improve the shared risk of each department.
“The primary benefit for everyone involved [with CDM], private sector as well as government, is the ability to get on the same sheet of music, to put it quite simply. DHS has done a very positive thing getting this [program] out. What CDM helps agencies do is not only gain technical advantage, but it puts them on the path to be more fiscally responsible. It automates systems, but it doesn’t really take the human out of the loop, and it makes things much more efficient,” said Flynn.
The efficiency that Flynn notes is part due to the automation of services, and the additional network agencies will get from the CDM program. But to get there requires adopting some best practices. Our report highlights nine best practices for CDM. Below I’ve identified four — be sure to read the report to see the full listing.
Conduct Routine Testing
Routine testing is an imperative of CDM. By doing routine testing of networks to find known vulnerabilities abilities and combat the worst problems first. “The idea of doing the security testing more frequently as a best practice to cue up the list of previously known problems, and a dashboard displaying those results, and working on the worst problems first, are kind of at the top of the list of best practices that are being encouraged,” said John Streufert, Director, Federal Network Resilience at US Department of Homeland Security.
Solve Your Worst Problems First
As you look at the NIST ranking, your agency should tackle the highest known security flaws, and gradually work down to less serious risks. This will help you remove the greatest percentage of problems on the network, and mitigate risks. Without CMaaS solutions, this process will be very difficult for agencies to manage.
Establish a Common Measure of Risk for Like Problems
“Another example of a best practice is to establish a common measure of risk for like problems across the organization, so that there can be what we call an apples to apples comparison of risk in one organization versus another inside of the cabinet, department or agency,” said Streufert. “That allows the managers to judge how their progress compares to their peers, and results in the internal operating in its competing with one another to lower their risk to the greatest degree possible.”
Automate as Much of the Security Testing as Possible
Agencies should look to automate as much of the security testing as possible and move away from manual testing. With automation, the frequency and comprehensiveness of coverage can improve. “[Through automation] there have been steady progress in a number of the departments and agencies of reducing risk significantly by as much as two-thirds or as much as a factor of 10 reduction, that’s occurred at the Department of State in 2009,” said Streufert.
The CMaaS solutions deployed by CDM ultimately will help agencies deploy stronger automated services, helping government become more efficient in combating cyberattacks.
Make Collaboration a Priority
Collaboration is an essential part of any cybersecurity program. Organizations must be able to share information regarding compliance and reporting. Also, leaders must work closely to engage front-line staff to make sure that technology will help improve their jobs, and ease the burden of manual processes.
“We can’t forget to mention the business managers of the department and agency, whether at the working level, or the executive level,” said Streufert. “If the security policy and compliance people and the operational people are working well together, then business operations can proceed with fewer interruptions allowing really every member of the department or agency to be ahead as a result of the collaboration.”
These best practices and Flynn’s comments are just the start of improving security at your agency. But in order to fully capitalize on the CDM program, agency leaders must commit to understanding cybersecurity and learn how technology can both improve service delivery, and maintain the much needed security requirements to stay secure in a constantly evolving threat landscape.
Read the report to learn more.
Want More GovLoop Content? Sign Up For Email Updates
Combining the security expertise of McAfee with the innovation, performance, and trust of Intel. Learn more here: http://www.intelsecurity.com/index.html |