The Continuous Diagnostics and Monitoring program will release cybersecurity risk scores of different agencies on Oct. 1 to allow for federal assessments, Fedscoop reported Friday. CDM uses the Agency-Wide Adaptive Risk Enumeration algorithm to quantify how well an agency implements basic cybersecurity measures.
Kevin Cox, CDM program manager at the Cybersecurity and Infrastructure Security Agency, said a total of 53 agencies are ready to receive AWARE scores, with 40 more on the way. CISA will be the sole federal agency to have centralized access across all scores.
“We want to be careful not to share the scores out publicly because we know adversaries will be looking to see which agencies are having problems so they can go target them,” Cox told Fedscoop at the Billington Cybersecurity Conference.