Dec 23

CDM: A Government Program Worth Emulating and Fully Funding

From: Lawfare

By Scott Montgomery

The federal government isn’t often held up as a model for IT innovation and efficiency, but there are areas where it should be. An example of a policy directive that has paid dividends is the Continuous Diagnostics and Mitigation (CDM) program, whose aim is to give civilian government agencies a sensible, cost-effective way to upgrade their cybersecurity posture. CDM is available to other organizations as well—such as state, local, regional and tribal governments and the U.S. Department of Defense (DoD)—but the primary target is our civilian departments and agencies, many of which touch citizens. While CDM could have been rolled out more quickly, overall the program has been progressing. Until now.

The House Department of Homeland Security Appropriations bill (H.R. 5634) provides only about $172.8 million of the Administration’s almost $274.8 million appropriations request for CDM for fiscal year 2017. That’s a big ($100 million) hit at a time when government agencies need all the help they can get to address a decreasing cybersecurity labor market coupled with an increasingly dangerous cyber threat landscape. And CDM isn’t just any program; it’s a thoughtful, well-designed program that takes one of the best approaches to improving cybersecurity I’ve ever encountered. Here’s why full funding should be restored.
