From: Security Boulevard
***
The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) was just such a program. It had a very limited toolset that competed with many tools or services already in place or integrated within agencies’ various systems. The agencies with similar tools were told to either remove them or run them in parallel. In several instances, agencies were forced to alter their architectures or technical designs, some of which were in operation or development several years before the DHS program was foisted upon them.
In the end, they are left with a decision about whether to support a half-broken, mandated “solution” or give-up something for which budget allocations may already have been spent. A better use of the resources expended would have been to develop a vendor-neutral framework or interchange standard to which tools could have been built or modified to provide the aggregated data asked for by DHS and OMB.
Leave a Reply