Kevin Cox, who has led the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program for the past five-plus years, will be leaving the agency later this year to take on deputy CIO duties at the Department of Justice (DoJ).

According to a briefing received by lead contractors on the CDM program’s DEFEND contract, Cox will transition to the new role at DoJ over the next few months. CISA will be seeking candidates for new CDM program leadership.

Cox remains set to deliver a CDM-themed keynote address at MeriTalk’s CDM Central – the Age of Cyber Defenders virtual conference on May 12.

Return to DoJ

Cox’s move to DoJ will mark a homecoming for the long-serving Federal cybersecurity official.

He was Deputy Chief Information Security Officer (CISO) at the Justice Department in charge of the agency’s continuous monitoring capabilities and security dashboard posture before leaving there to head the CDM program.  Before becoming Deputy CISO, he was Assistant Director of Information Technologies at DoJ and helped to establish an insider threat prevention and detection program at the agency.

Lasting CDM Legacy

The CDM program – along with the EINSTEIN program – is one of two major CISA programs that aim to secure Federal civilian networks, and Cox will leave a lasting impression with the work he has undertaken since 2016 when he became head of the still-nascent CDM Program Office.

Over that span, Federal civilian agencies have made great strides in implementing CDM program capabilities that are key to creating stronger cyber defenses and also to lay the necessary groundwork for the adoption of Zero Trust security concepts.

During the coronavirus pandemic, the CDM program worked mostly behind the scenes with numerous agencies to quickly shore up cyber defenses in light of increasing cyber threats from adversaries looking to take advantage of the public health crisis, as Cox described in MeriTalk’s CIO Crossroads interview series. While much of that work remains undisclosed, its evidence can be found in agencies’ demand for services outstripping the program’s budget late last year.

Among the CDM program’s key priorities for Fiscal Year 2021 are helping larger agencies complete work on the first two of the program’s four major capability areas dealing with asset management and identity and access management and rolling out the enhanced version of the CDM dashboard to individual Federal agencies.

Also on tap are numerous pilots with agencies to implement the second two major program capabilities – network security management and data protection management – along with pilots for cloud and mobile security.

Read More About
More Topics
John Curran
John Curran
John Curran is MeriTalk's Managing Editor covering the intersection of government and technology.