Delivering better data will be this year’s primary focus of the Department of Homeland Security’s program for federal network cybersecurity as it prepares to deploy new dashboards to agencies.
This month, Judy Baltensperger, project manager for the dashboard of DHS’ Continuous Diagnostics and Mitigation program at the Cybersecurity and Infrastructure Security Agency, said that the agency would deploy the “minimum viable products" for agency dashboards. That includes capabilities like risk-scoring and ongoing assessment metrics, with another update coming in August this year, she said.
In November, DHS will deliver with the federal dashboard’s minimum viable products, like system health monitoring and threat intelligence feed integration, with a subsequent update for both federal and agency dashboards coming in February 2021.
“We’re going to focus on delivering simple features," Baltensberger said. “Then through our scaled, agile software development, we’re going to iteratively make enhancements to each of these products, and we’re also going to be collecting user feedback from each one of [the] agencies.”
Feedback will be collected by a new user-experience feedback team within the project management office.
“The goal is going to be fit for use, operational data. We want you to trust the data that is in this dashboard, and we want to see you start to take action and make risk-based decisions on it,” she added.
The CDM dashboard gives federal agencies better insight into their cybersecurity posture. ECS Federal was awarded the $276 million contract last May.
Baltensperger said that users reported to her office several data-quality challenges, but she didn’t go into specifics. In response, her office has since assembled a data-management team and created a data quality-management plan. The CDM dashboard team is also creating a “common lexicon” around master device records and master user records.
“So what that means is that agency chief data officers and CISOs [chief information security officers] ... need to start to understand how this security data fits within their agency data and start to realize that value,” Baltensperger said April 1 on a webinar hosted by FCW.
Baltensperger said the CDM has established its “core fundamental capabilities” that allow agencies to understand what devices are on the network and who is accessing the network. In 2020, the program wants to move to the next step to provide better data in order to enhance agency leaders’ decision-making and improve situational awareness.
“Now we want to move forward into what’s happening on your network,'” Baltensperger said.
The CDM Program Management Office also wants to deploy a search tool to allow cybersecurity professionals at agencies to comb through the collected data. That capability is being provided by the company Elastic. The office also wants to speed up the amount of time it takes for the data collected by sensors and other tools to get up to the federal dashboard.
“Now that we’ve collected a lot of data, particularly cyber hygiene data, vulnerabilities ... we would like to be able to search through that and search through it faster, providing more and better situational awareness,” she said.
With the new dashboard, Baltensperger said that agencies will receive predictive analytics and anomaly-detection capabilities that they don’t have today.
Baltensperger also said that DHS has deployed dashboards to 59 agencies, including establishing two earlier this week.
In its appropriations package for fiscal 2020, Congress allocated CISA tens of millions of dollars over the agency’s budget request for CDM, giving the agency $213.5 million for CDM. That package included $13 million above the agency’s funding request for the dashboard.