Back in 2010, the Office of Management and Budget (OMB) tasked the Department of Homeland Security (DHS) to lead a government-wide effort to ensure that there were sufficient cybersecurity measures in place for each agency. These security protocols needed to be both risk-based and cost-effective in nature.
Since then, DHS has developed the Continuous Diagnostics and Mitigation Program (CDM) and consistently monitors and adapts the program to make sure it is an asset to government users. The goal of the CDM program is to help bolster cybersecurity methods and to help regulate security monitoring across all federal agencies.
How Does the CDM Program Work?
The CDM program is designed to ensure the strength and stability of computer networks and systems when it comes to cybersecurity initiatives. The program helps administrators understand risks to their networks in real time, even identifying and ranking issues as they arise allowing cyber professionals to tackle the most pressing issues first.
This, combined with real time reporting of threats on agency-level dashboards, helps users stay up to date on any cyber risks they may face. Overall the program leads to lowered operational risk with government networks and information security systems.
CDM Program Phases
The CDM program is able to cover fifteen different continuous diagnostic capabilities over three phases: endpoint integrity, least privilege and infrastructure integrity and boundary protection and event management for managing the security lifecycle. Each phase contains the following:
Phase 1: Endpoint Integrity
Phase 2: Least Privilege and Infrastructure Integrity
Phase 3: Boundary Protection and Event Management for Managing the Security Lifecycle
Additional Information