The head of the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program has said that the CDM team seeks to collaborate with client federal agencies to determine cybersecurity solutions appropriate to their unique organizational requirements. CDM Program Manager Kevin Cox told Federal News Network in a recent interview that “we want to make sure we are working with the agencies to understand” what they need to strengthen their systems and networks against cyber threats and “in the long run meet those requirements,” Federal News Network reported Wednesday.Read More »
The Department of Homeland Security aims to develop an approach for government chief information security officers to assign and compare risk scores to agency networks, Federal News Network reported Friday.
The 2019 FISMA guidance now requires federal organizations to submit a justification memorandum to procure monitoring products and services not covered under CDM contracts.
The justification document must be sent to the CDM program management office, OMB resource management office and the Federal Chief Information Officer’s cybersecurity team.
OMB has also permitted the use of existing resources that align with CDM requirements but are not acquired through General Services Administration contracts.
The Office of Management and Budget has issued an updated guidance that outlines new Continuous Diagnostics and Mitigation program requirements for agencies to comply with the Federal Information Security Modernization Act of 2014, FedScoop reported Friday. The memo now directs agencies to submit justification should they choose to buy continuous monitoring tools and capabilities outside of the General Services Administration’s IT Schedule 70 CDM tools special item number, CDM Dynamic and Evolving Federal Enterprise Network Defense and other contract vehicles.Read More »
The House of Representatives has unanimously passed a bill that would support the development of the Department of Homeland Security's Continuous Diagnostics and Mitigation program. The Advancing Cybersecurity Diagnostics and Mitigation Act would require the government to develop procedures for systemic cybersecurity risk reporting, regularly deploy new technologies and implement a strategy to grow the program, Rep. John Ratcliffe, R-Texas' office said Tuesday.Read More »
Information technology leaders from the Department of Health and Human Services, Small Business Administration and NASA have outlined their IT priorities for 2018, FedTech reported Friday. Christopher Wlaschin, chief information security officer at HHS, said the department will prioritize and advance cybersecurity through four IT security areas. Those areas include …Read More »
Jeanette Manfra, assistant secretary for cybersecurity and communications at the Department of Homeland Security, has said she believes federal agencies should factor risks into information technology governance and procurement efforts, FedTech Magazine reported Tuesday. Manfra told audience during her keynote address at the 2017 Symantec Government Symposium held Tuesday that agencies make …Read More »
The Department of Homeland Security plans to implement a new requirement that seeks to provide federal agencies information on commercial cybersecurity products and services they purchase, Federal News Radio reported Wednesday. Kevin Cox, manager of the continuous diagnostic and mitigation program at DHS, told the station the updated supply chain …Read More »
The Government Accountability Office has evaluated the Office of Personnel Management’s efforts to implement the U.S. Computer Emergency Readiness Team’s 19 recommendations to build up information security controls and practices following the data breaches in 2015 and found that OPM completed actions on 11 recommendations. GAO said in a report published …Read More »