Recently, Congress took action to help ensure that the future of federal cybersecurity remains innovative and on the cutting edge of technology. Senators John Cornyn (R-TX) and Maggie Hassan (D-NH) introduced the Advancing Cybersecurity Continuing Diagnostics and Mitigation bill in August. The U.S. House of Representatives followed suit in September when Representatives John Ratcliffe (TX-4) and Ro Khanna (CA-17) introduced the companion bill. The bipartisan and bicameral measure would formally codify the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program and require:
- Federal agencies to develop reporting metrics for systemic cybersecurity risks;
- Agency heads to continually innovate and deploy new technologies in the face of the rapidly evolving threat landscape; and
- The Department of Homeland Security (DHS) Secretary to develop a comprehensive strategic plan for CDM within six months of enactment.
This new measure will help build on past success. Through the CDM Program, DHS has already taken major steps to provide federal agencies with capabilities and technologies that identify risks on an ongoing basis, prioritize those risks, and enable cybersecurity personnel to mitigate the most significant threats first. This progress is due to the dedication and hard work of the CDM team at the Cybersecurity and Infrastructure Security Agency (CISA) and support from Congress and DHS leadership. CDM has already raised the bar for security and provides a solid foundation for achieving a baseline of protection across the federal IT environment.
Last year, Frank Dimina, Splunk’s VP Public Sector, had the opportunity to testify on CDM before the House Homeland Security Committee, subcommittee on Cybersecurity and Infrastructure Protection. In his testimony, he identified a critical opportunity for the Program going forward to better leverage the existing data collected through CDM. DHS can do this by enhancing the current CDM integration layer so it becomes a standardized “common data fabric”.
There are several key benefits to this approach. First, it will improve the granularity of data available to federal cyber analysts, allowing them to drill down into specific areas and greatly enhance their ability to identify and mitigate malicious cyber activity. Second, and perhaps most powerfully, a common data fabric will allow this “drill down” capability to be done in real time. Every second is precious when the government is responding to attacks against federal systems. Lastly, this standardization would provide the foundation to integrate CDM data with other shared service initiatives like EINSTEIN—resulting in a level of visibility that is not possible today.
Threats to our national security are now both physical and digital in nature. The future of CDM has significant implications for the safety, security, and resilience of the federal government. With a common data fabric, CDM’s detection and mitigation abilities could also be extended to our nation’s critical infrastructure and state and local governments, shoring up protections in vital areas such as our electrical grids, water supply and election system.
We commend Senators Cornyn and Hassan and Representatives Ratcliffe and Khanna for recognizing not only the importance of the CDM Program, but also the critical role that real-time data plays in helping to mitigate malicious threats across U.S. critical infrastructure and, as a result, increasing the nation’s cybersecurity posture.