NIST SP 800-137

From: MeriTalk

***

“Moving forward with Federal IT modernization should be CIO Kent’s top priority,” said Hayes. “The MGT Act could jumpstart the modernization process and make it easier for agencies to make long-term plans and respond quickly to evolving threats and technology. Kent should also prioritize the identification and expansion of successful partnerships and solutions that are already working within the Federal government, such as the Continuous Diagnostics and Mitigation program at the Department of Homeland Security and the Assured Compliance Assessment Solution via the Defense Information Systems Agency.”

From: Security Boulevard

by Scot Finnie

***

The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) was just such a program. It had a very limited toolset that competed with many tools or services already in place or integrated within agencies’ various systems. The agencies with similar tools were told to either remove them or run them in parallel. In several instances, agencies were forced to alter their architectures or technical designs, some of which were in operation or development several years before the DHS program was foisted upon them.

From: Military Embedded Systems

Mariana Iriarte, Technology Editor

MCCLEAN, Va. Department of Homeland Security (DHS) officials tapped Booz Allen Hamilton for the next phase of the Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Program. The contract is a single-award, six-year task order worth $621 million.

From: GovTech Works

by Tobias Naegele

The Trump administration’s twin priorities for federal information technology – improved cybersecurity and modernized federal systems – impose a natural tension: How to protect a federal architecture that is rapidly changing as agencies push more and more systems into the cloud.

The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program’s early phases focus on understanding what systems are connected to federal networks and who has access to those systems. The next phases – understanding network activity and protecting federal data itself – will pose stiffer challenges for program managers, chief information security officers and systems integrators developing CDM solutions.