Kevin Cox, the CDM program manager at the Homeland Security Department, said the future for CDM includes security operations-as-a-service (SOCaaS), shared services and moving to a continuous improvement cycle.
The General Services Administration will create a new special item number under Schedule 70 for approved products under the Continuous Diagnostics and Mitigation (CDM) program as part of the effort to add flexibility to the initiative.
With agencies making slow, but steady progress under phases 1 and 2 of the continuous diagnostics and mitigation (CDM) program, the Homeland Security Department and the General Services Administration are exploring whether agencies will need a new model for Phase 3.
The continuous diagnostics and mitigation (CDM) program is relying on a blanket purchase agreement approach that isn’t as flexible as DHS and GSA officials thought it would be.
Cybersecurity within the Commerce Department has traditionally been overseen and managed by its 14 individual bureaus. Those agencies will still operate their own IT systems, but a new Commercewide oversight center will aggregate all information about the department’s vulnerabilities into a single dashboard to be used by senior management.
The General Services Administration and the Homeland Security Department are putting the final touches on the next set of contracts that will truly kickstart the federal move toward dynamic cybersecurity protections of agency networks and computers. The two agencies will release six task orders under the $6 billion CDM program in the coming year to implement tools and services across more than 40 agencies.
GSA awarded a $47.3 million contract to Metrica Team Venture to provide software and services under the continuous diagnostics and mitigation program. DHS expects the dashboard to offer a more insightful view of the cyber health of agency networks starting this fall.