Judy Baltensperger, Kevin Cox Share Plans for CISA’s Continuous Diagnostics and Mitigation Program

Judy Baltensperger, Kevin Cox Share Plans for CISA’s Continuous Diagnostics and Mitigation Program
Endpoint Detection and Response Platform

The Cybersecurity and Infrastructure Security Agency (CISA) plans to provide in 2021 an updated Continuous Diagnostics and Mitigation (CDM) program that could help reduce reporting requirements for agencies while helping them improve security, Nextgov reported Friday.

“We want the data to be as complete and accurate, and as timely as possible, so that we can reduce the data calls for [binding operational directives] and [emergency directives], reduce the CyberScope reporting, and get them to trust the data in the dashboard when they're making those risk-based decisions,” Judy Baltensperger, CDM program manager at CISA, said Thursday during an event.

She said most of the pilot agencies have moved their infrastructure to the cloud and that data quality certification will likely be carried out by the summer of 2021.

“What we want to do through the pilots that we've had engaging with the different CSPs, the cloud service providers is make sure that we have a full understanding of the data they have available, look at, for example, how the data that they have available aligns with the CDM requirements,” said Kevin Cox, CDM program manager. “And then make sure that that is available to the agencies, that they have that real-time and near real-time understanding of the protections they have in the cloud."

You may also be interested in...

Government

GAO: DOD Should Fill Gaps in Small Business Strategy

The Government Accountability Office (GAO) advises the Department of Defense (DOD) to develop an implementation plan, policy and a formal monitoring process for the DOD Small Business Strategy. Congress, in 2019, tasked DOD to create a strategy that will guide how the department handles small business programs, GAO said Thursday.