Congress took an important step this week in ensuring that the future of federal cybersecurity remains innovative and on the cutting edge of technology. Senators John Cornyn (R-TX) and Maggie Hassan (D-NH) introduced the Advancing Cybersecurity Continuing Diagnostics and Mitigation bill on Tuesday. The bipartisan measure would formally codify the Continuous Diagnostics and Mitigation (CDM) Program and require:
- Federal agencies to develop reporting metrics for systemic cybersecurity risks;
- Agency heads to continually innovate and deploy new technologies in the face of the rapidly evolving threat landscape; and
- The Department of Homeland Security (DHS) Secretary to develop a comprehensive strategic plan for CDM within six months of enactment.
This new measure will help build on past success. Through the CDM Program, DHS has already taken major steps to provide federal agencies with capabilities and technologies that identify risks on an ongoing basis, prioritize those risks, and enable cybersecurity personnel to mitigate the most significant threats first. This progress is due to the dedication and hard work of the CDM team at the Cybersecurity and Infrastructure Security Agency (CISA) and support from Congress and DHS leadership. CDM has already raised the bar for security and provides a solid foundation for achieving a baseline of protection across the federal IT environment.
Last year, Frank Dimina, Splunk’s VP Public Sector, had the opportunity to testify on CDM before the House Homeland Security Committee, subcommittee on Cybersecurity and Infrastructure Protection. In his testimony, he identified a critical opportunity for the Program going forward to better leverage the existing data collected through CDM. DHS can do this by enhancing the current CDM integration layer so it becomes a standardized “common data fabric”.
There are several key benefits to this approach. First, it will improve the granularity of data available to federal cyber analysts, allowing them to drill down into specific areas and greatly enhance their ability to identify and mitigate malicious cyber activity. Second, and perhaps most powerfully, a common data fabric will allow this “drill down” capability to be done in real time. Every second is precious when the government is responding to attacks against federal systems. Lastly, this standardization would provide the foundation to integrate CDM data with other shared service initiatives like EINSTEIN—resulting in a level of visibility that is not possible today.
The future of CDM has significant implications for the safety, security, and resilience of the federal government. With a common data fabric, CDM’s detection and mitigation abilities could also be extended to our nation’s critical infrastructure and state and local governments, shoring up protections in vital areas such as our electrical grids, water supply and election system.