The Cybersecurity and Infrastructure Security Agency (CISA) is working to build up agencies’ trust in the underlying cyber risk data behind the new federal dashboard as part of the Continuous Diagnostics and Mitigation (CDM) program, Federal News Network reported Thursday.
“We have the overall process finalized, [we’re] working with agencies now to go through the criteria to make sure that data that they’re seeing down at the center level is being properly reported in the agency dashboard up through the federal dashboard,” Kevin Cox, CDM program manager with CISA, said Tuesday at a virtual Meritalk conference.
Cox said that CISA plans to facilitate data exchange between agency dashboards and the federal CDM dashboard by the second quarter of fiscal 2021 and finalize the migration process by the end of the fourth quarter of FY 2021.
He also offered updates on the Agency-wide Adaptive Risk Enumeration algorithm as part of the federal dashboard. AWARE assigns a score to agencies based on their performance when it comes to configuration management and efforts to address critical vulnerabilities.
He noted that 36 non-CFO Act agencies and 23 CFO Act agencies have begun reporting their data to the CDM dashboard but none of the AWARE scores are fully activated yet until CISA goes through the process for data quality management certification.
“We want to make sure that the agencies are comfortable with their data being reported up before it’s fully operationalized through AWARE,” Cox added.