The Homeland Security Department has reviewed about 18 new or improved cybersecurity tools or technologies that may be added to the continuous diagnostics and mitigation program (CDM). John Streufert, the director of Federal Network Resilience at National Protection and Programs Directorate in DHS, said CDM is not delayed and on track to deliver results.
Andy Ozment, assistant secretary of the Office of Cybersecurity and Communications in DHS, said the CDM, Einstein and Enhance Cybersecurity Services programs are on the upswing in terms of impact and number of users. Ozment said there are no delays with CDM, and the Einstein intrusion detection and prevention software covers 25 percent of all federal employees.
A large chunk of the government IT workforce that's charged with implementing the Homeland Security Department's new continuous diagnostics and mitigation initiative still doesn't know much about it. The lack of awareness is most acute with agency inspectors general. But those that have pressed forward with CDM say their networks have already become more secure or less costly.
Bill Lay, the State Department's chief information security officer, said his budget for cybersecurity doubled in 2014 to help address the recommendations outlined by the agency's inspector general.
Under the continuous diagnostics and mitigation program, DHS wants to ensure systems administrators have data on the most pressing threats and vulnerabilities first so they can fix them as soon as possible. John Streufert, DHS's director of federal network resilience, said the recently-awarded dashboard will be set up to do just that.
Departments have a week to finalize their plans to implement information security continuous monitoring by 2017. State and DHS already are heading down the new cyber path, and are excited to take advantage of the standard suite of products and services under the CDM contract.
Phyllis Schneck, the deputy undersecretary for cybersecurity at DHS, said the department will release a voluntary cyber program on Feb. 14 as part of the deliverables under President Barack Obama's 2013 Executive Order. Schneck said among her top priorities is to continue to build a trust relationship with the assorted public and private sector stakeholders.