The Department of Homeland Security’s Continuous Diagnostics and Mitigation program will be introducing its new dashboard in the next few months, according to CDM manager Kevin Cox, allowing agencies better insight into their overall cybersecurity.
“We already have a proof-of-concept underway in the lab environment of the new dashboard environment ... starting in the first quarter of [fiscal year] 2020, in the October or November time frame, we’re going to begin bringing that technology out to a handful of agencies,” said Cox, speaking Sept. 5 at the Billington CyberSecurity conference in Washington, D.C.
The CDM dashboard provides agencies with overall data on their cybersecurity risks and vulnerabilities. DHS awarded ECS Federal a $276 million contract for the dashboard earlier this year.
“We’re going to out of the gate have better visualization of the data for agencies, but we’re also looking to bring in better analytics, better business intelligence, as well as, ultimately, machine learning capabilities — being able to apply that to the data so that agencies are getting maximum benefit from their cybersecurity data,” Cox said.
In the dashboard, agencies will see how their cybersecurity posture compares to other agencies as a whole. This score, called Agency-Wide Adaptive Risk Enumeration (AWARE), tracks and scores agencies based on vulnerabilities.
“We can start to look at what are those different agencies doing that we can get some lessons learned that we can get out to all the agencies,” Cox said.
The dashboard will allow CDM to create a federal baseline for cybersecurity across agencies, which Cox said should get better over time. AWARE cores will not be shared publicly for security concerns, he said.
Cox laid out several other priorities for the CDM program in the upcoming fiscal year. He said the program would be focusing heavily on high-value assets, agency systems that would be a national security risk if compromised.
“We’re looking to see what types of technology are needed, whether it be data rights management, data log protection [or] more advanced threat capabilities sitting in front of those assets,” Cox said.
CDM, he said, wants to ensure that high-value assets have “the proper protections in place for the data on the system.”
The CDM program will also prioritize in fiscal year 2020 enterprise mobility management, or securing mobile devices of federal employees. Cox said that the use of automation at agencies has discovered 75 percent more assets on federal networks than agencies found used manual discovery. The challenge, he said, is that there are millions of devices on federal networks.
“We want to help the agencies get full understanding of all the privileged users,” Cox said.
This past year, CDM learned more about what cloud providers agencies are using and what their networks look like. In FY2020, CDM will focus on developing a proof-of-concept for cloud security.
Machine learning will also be an important piece of cybersecurity at agencies moving forward. Cox said CDM helps agencies in this space because the program collects network data in a way that’s “aligned” for machine learning analysis.
“We’re helping the agencies get those fundamentals in place so they can benefit from these new technologies,” Cox said.
In the federal government, all agencies are responsible for their own cybersecurity posture. Cox said that CDM is working with agencies on network access, automation of control assessments and incident response orchestration. The program also hopes to put out a proof-of-concept for cloud security next year.
“We want to remain flexible as the threat changes, as technology changes to be able to bring the technology changes to the problem to get in front of the adversary," Cox said.