Updated CISA Federal Cybersecurity Strategy Directs Improved CDM Scores Through FY 2021

Updated CISA Federal Cybersecurity Strategy Directs Improved CDM Scores Through FY 2021
Emotet Malware

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to its action plan for strengthening federal cybersecurity in fiscal years 2020 through 2021. The initiative was led by Matthew Travis, the deputy director of CISA.

The Department of Homeland Security (DHS) component said in the report that it seeks to prevent 75 percent of identified “critical and high configuration-based vulnerabilities” across federal agencies by Sept. 30th, 2021.

CISA is also directing agencies to have “reliable” scores on the adaptive risk enumeration (AWARE) algorithm under the Continuous Diagnostics and Mitigation (CDM) program by the end of the fourth quarter of FY 2020.

Kevin Cox, program manager for the CDM effort, previously said at an industry event that the program’s AWARE assessment is meant to “quantify the aggregate number of opportunities for an adversary” and help agencies identify priorities for reducing their attack surface.

The updated action plan includes strategies such as increasing enterprise-wide risk posture awareness, providing tools and assistance for CDM compliance, managing malicious incidents and detecting malicious traffic for incident response.

CISA also cited evolving threat landscapes and limitations in cloud, network and encryption capabilities as challenges that agencies face in strengthening their security postures.

The agency has prevented 77 percent of known vulnerabilities through approaches like cyber hygiene scanning. However, the agency needs to focus on mitigating high value asset risks, according to the report.

You may also be interested in...

Bill Nelson

NASA Reorganizes Structure for Exploration Systems, Space Operations; Administrator Bill Nelson Quoted

NASA has split an existing mission directorate into two separate ones focusing on exploration systems and space operations, respectively. The space agency said Tuesday its current Human Exploration and Operations Mission Directorate will divide to support a growing number of low-Earth orbit space operations and deep space programs, including Artemis.