Continuous Diagnostics and Mitigation (CDM) Program Manager Kevin Cox said on Oct. 13 that the program office is making progress on one of its key goals for Fiscal Year 2021 – connecting Federal agencies to its second-generation Elasticsearch dashboard.
Speaking at the CISQ Cyber Resilience Summit, Cox said thus far three Federal agencies have the new dashboard in place, and that the program office is working with another seven agencies to get the dashboard installed. On top of that, Cox said the CDM program office has put in place communications infrastructure with a total of 60 agencies that will help “make a lot of progress” on the dashboard rollout effort.
He listed agency dashboard installations as a key priority for FY2021 as part of “achieving the promise of CDM … so agencies can bring it to bear in working to manage risk in their environment.”
The program office contracted for the dashboard last year after finding that it needed a big data platform that Cox said “will give us scalability, high performance, customization, and analytics” capabilities. The agency dashboards feed information up to a Federal-level dashboard “so Federal leadership can see what the landscape looks like,” he said.
Cox said the program office hopes to have all of the new dashboards in place by the end of the fiscal year, along with the Federal-level dashboard, “and start to really operationalize the CDM data.”
Cox also talked about a variety of pilots that the program office is running with various agencies covering data protection management, and cloud service security.
On the data protection management, Cox said “we are making good progress there,” adding that the program office is “having good discussions with other agencies” for additional pilots.
Regarding cloud security pilots, he said the program office is working with a “handful of agencies” and the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on those pilot efforts.
Describing the cloud pilots, Cox said “we want to make sure we can work with the agency and the cloud service provider to get the visibility that we need,” similar to the visibility that is achieved with on-prem networks.
“What we find is that visibility is available,” but that “we need to make sure that the right language is in the cloud contract.” Also important, he continued, “beyond that, once all the proper contractual pieces are in place, [is] that the cloud service provider in association with the agency can get the right data to meet the CDM requirements.”
“Really, everything is on the table,” he said. “We want to get the right set of solutions,” adding that those requirements “might vary from cloud installation to cloud installation.”
Speaking about pilots on high-value asset protection, Cox said “what we have found … is there is a lot of complexity there.” He said the program must be careful about how it deploys technology and architect systems “to make sure we don’t disrupt a mission-critical system.”
“Slow and steady wins the race” in those situations, he said. “We want to scramble to get the technology in place … but if we scramble and architect the system in the wrong way, then we set ourselves back.”
Cox briefly discussed the CDM program’s tie-in with efforts by the Cybersecurity and Infrastructure Security Agency (CISA) to develop a Quality Service Management office (QSMO) as a storefront for the rest of the civilian Federal government to obtain cybersecurity services. CISA received the QSMO designation from the Office of Management and Budget in April.
The QSMO office, Cox said is looking “at a shared service offering in the future for supply chain,” and he explained “that’s an area where the CDM program can align with them.” He added, “there is really a bright future for what else CDM can bring to bear.”