Tag Archives: Continuous Diagnostics and Mitigation

Senate Lawmakers Ask CISA, OMB to Submit Docs Amid Probe Into Recent Cyber Hacks

Cyber Hacks

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, and Sen. Rob Portman, R-Ohio., ranking member of the Senate panel, have asked the federal government to provide information on its response to cyberattacks involving SolarWinds Orion and Microsoft Exchange. Portman and Peters asked DeRusha to provide information on the government’s current federal cybersecurity strategy

Read More »

CISA Issues Directive on Using Cybersecurity Tools to Detect Microsoft Exchange Server Risks

CISA Cybersecurity Tools

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental direction to help agencies use new tools for identifying vulnerabilities in their Microsoft Exchange Servers. CISA said Wednesday that the emergency directive recommends agencies to use the Microsoft Safety Scanner or Microsoft Support Emergency Response Tool (MSERT) as well as the Test-ProxyLogon.ps1 script.

Read More »

Brandon Wales: CISA Invests $650M in American Rescue Plan Funds for Threat Intell

Brandon Wales

The Cybersecurity and Infrastructure Security Agency (CISA) has earmarked $650 million from its  American Rescue Plan Act funding to transition its EINSTEIN threat intelligence system to various programs. The agency is additionally working to complete the Continuous Diagnostics and Mitigation (CDM) effort’s phases one and two which are slated to conclude in 2021. 

Read More »

Judy Baltensperger, Kevin Cox Share Plans for CISA’s Continuous Diagnostics and Mitigation Program

NCSC Insider Threat

The Cybersecurity and Infrastructure Security Agency (CISA) plans to provide in 2021 an updated Continuous Diagnostics and Mitigation (CDM) program that could help reduce reporting requirements for agencies while helping them improve security. Judy Baltensperger said most of the pilot agencies have moved their infrastructure to the cloud and that data quality certification will likely be carried out by the summer of 2021.

Read More »

OMB Chief Russell Vought Releases Memo on FISMA Reporting Requirements for FY 2021

Russell Vought

Russell Vought, director of the Office of Management and Budget (OMB), has issued a memo detailing reporting requirements and deadlines for agencies in fiscal year 2021 in compliance with the Federal Information Security Modernization Act (FISMA) of 2014. Vought said the updated FISMA guidance directs agencies to report to OMB the status of their data security programs. 

Read More »

Karen Evans: DHS Consolidates Network, Security Operations Centers

Karen Evans

Karen Evans, chief information officer at the Department of Homeland Security (DHS), said DHS is merging its security and network operations centers to keep systems operational as analysts respond and investigate a cyber incident. She said DHS is considering ways how to staff the newly formed network operations security center with federal and contract employees. 

Read More »

Updated CISA Federal Cybersecurity Strategy Directs Improved CDM Scores Through FY 2021

Emotet Malware

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to its action plan for strengthening federal cybersecurity in fiscal years 2020 through 2021. The initiative was led by Matthew Travis, the deputy director of CISA. CISA also cited evolving threat landscapes and limitations in cloud, network and encryption capabilities as challenges.

Read More »

Christopher Krebs: Agencies Shifting to Telework Should Boost Investments in Cyber Tools

Christopher Krebs

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA) and a 2020 Wash100 awardee, said agencies transitioning to the cloud to support telework should consolidate and increase investments in security tools to better manage cyber threats.

Read More »

GAO: DHS Should Ensure Contractors’ CDM Tools Provide Unique Hardware Identifiers

DHS

The Government Accountability Office (GAO) has recommended that the Department of Homeland Security (DHS) improve its implementation of the Continuous Diagnostics and Mitigation program by ensuring that contractors configure their cybersecurity tools to provide unique identifiers for hardware on agency networks.

Read More »

Guy Cavallo Named OPM Principal Deputy CIO

Guy Cavallo

Guy Cavallo, deputy chief information officer at the Small Business Administration (SBA), has been appointed principal deputy CIO at the Office of Personnel Management, effective Sept. 14th. Prior to SBA, Cavallo served as executive director of IT operations at the Transportation Security Administration (TSA).

Read More »