Cybersecurity is now a national defense imperative, showcased by a slew of executive orders, budget allocations and focused programs. The most visible of these is the Continuous Diagnostics and Monitoring (CDM) program under the auspices of the Department of Homeland Security (DHS). While not new, its objective is to support technical modernization through commercial-off-the-shelf (COTS) tools to keep up with—if not get ahead of—the constantly evolving threat landscape. Usually, government programs as massive as this fall victim to their own complexities and lack of clear mandates. Determined to understand the barriers to the program and ensure its productive use, the Subcommittee on Cybersecurity and Infrastructure Protection recently heard from industry veterans like Frank Dimina from Splunk. They subsequently increased funding, and a draft bill has been introduced in Congress that would amend the 2002 Homeland Security Act to include CDM.
The core element of CDM is that agencies collect data in real time from across their infrastructure, systems and users to understand what and who is on their networks, what transactions take place on those networks and how data is protected. Consider the number of components involved (the GSA lists 30,000 products under the CDM Special Item Number, which is only half of the approved products list), driven by the desire to offer flexibility; the number of users and applications accessing the network; and the ocean of data across multiple classifications. You see where I am going with this: it can be a daunting challenge, especially given agency workforce challenges. Obviously, automation is a clear and present solution to this problem.
Splunk is uniquely positioned to deliver key functionality for CDM while greatly reducing the overall risk. The four major value areas that Splunk delivers include:
- The integration of all point systems across all technology domains to enable real-time monitoring
- The automation of ingestion, aggregation and correlation of raw data, regardless of type or format
- Delivery of category-specific capabilities or enhancement of existing CDM solution sets
- Comprehensive analytics and reporting capabilities to address emerging requirements
Given its pragmatic approach to cyber hygiene and developing a baseline to combat cyber threats, CDM is not for federal civilian agencies alone. The National Defense Authorization Act (NDAA) suggests the DoD look into CDM and compare its capabilities to the Comply-to-Connect (C2C) initiative. State and local agencies as well as commercial enterprises can take advantage of the principles and layered approach to fortify their organizations and build a strong foundation.
Want to learn more? Watch Splunk’s CDM expert Nick Murray to learn how to get started. And if you’re in the Washington, D.C. area, stop by the Renaissance Hotel on Wednesday, August 22nd for our Data-Driven Cyber Security: Driving Value into the Mission event, where cyber leaders will discuss how programs such as CDM and new tools and tactics can accelerate cyber hygiene at your agency. It's right around the corner and well worth your time. See you there!
Until next time,