Kevin Cox on CISA’s Federal CDM Dashboard, AWARE Algorithm

Kevin Cox on CISA’s Federal CDM Dashboard, AWARE Algorithm
Kevin Cox

The Cybersecurity and Infrastructure Security Agency (CISA) is working to build up agencies’ trust in the underlying cyber risk data behind the new federal dashboard as part of the Continuous Diagnostics and Mitigation (CDM) program, Federal News Network reported Thursday.

“We have the overall process finalized, [we’re] working with agencies now to go through the criteria to make sure that data that they’re seeing down at the center level is being properly reported in the agency dashboard up through the federal dashboard,” Kevin Cox, CDM program manager with CISA, said Tuesday at a virtual Meritalk conference.

Cox said that CISA plans to facilitate data exchange between agency dashboards and the federal CDM dashboard by the second quarter of fiscal 2021 and finalize the migration process by the end of the fourth quarter of FY 2021.

He also offered updates on the Agency-wide Adaptive Risk Enumeration algorithm as part of the federal dashboard. AWARE assigns a score to agencies based on their performance when it comes to configuration management and efforts to address critical vulnerabilities.

He noted that 36 non-CFO Act agencies and 23 CFO Act agencies have begun reporting their data to the CDM dashboard but none of the AWARE scores are fully activated yet until CISA goes through the process for data quality management certification.

“We want to make sure that the agencies are comfortable with their data being reported up before it’s fully operationalized through AWARE,” Cox added.

Check Also

FireEye

FireEye to Provide Cybersecurity Defenses to Texas DIR; Pat Sheridan Quoted

FireEye, Inc. has announced that it will offer cyber security defenses to Texas public sector agencies, under Texas Department of Information Resources (DIR), the company reported on Thursday. Through the end of 2020, FireEye security products and Mandiant Solutions services will be available to all Texas agencies, county governments, cities and school districts through DIR’s Bulk Purchase Initiative for Endpoint Detection and Response (EDR) solutions.