Tag Archives: Continuous Diagnostics and Mitigation

The Department of Homeland Security will deploy a new algorithm built to monitor system vulnerabilities and baseline configuration settings across the federal government to give an agency an overall rating on its cyber hygiene, Nextgov reported Wednesday.

The Department of Homeland Security aims to develop an approach for government chief information security officers to assign and compare risk scores to agency networks, Federal News Network reported Friday.

The 2019 FISMA guidance now requires federal organizations to submit a justification memorandum to procure monitoring products and services not covered under CDM contracts.

The justification document must be sent to the CDM program management office, OMB resource management office and the Federal Chief Information Officer’s cybersecurity team.

OMB has also permitted the use of existing resources that align with CDM requirements but are not acquired through General Services Administration contracts.

The Office of Management and Budget has issued an updated guidance that outlines new Continuous Diagnostics and Mitigation program requirements for agencies to comply with the Federal Information Security Modernization Act of 2014, FedScoop reported Friday. The memo now directs agencies to submit justification should they choose to buy continuous monitoring tools and capabilities outside of the General Services Administration’s IT Schedule 70 CDM tools special item number, CDM Dynamic and Evolving Federal Enterprise Network Defense and other contract vehicles.

The House of Representatives has unanimously passed a bill that would support the development of the Department of Homeland Security's Continuous Diagnostics and Mitigation program. The Advancing Cybersecurity Diagnostics and Mitigation Act would require the government to develop procedures for systemic cybersecurity risk reporting, regularly deploy new technologies and implement a strategy to grow the program, Rep. John Ratcliffe, R-Texas' office said Tuesday.

The Department of Homeland Security is developing a system that will alert federal agencies of cybersecurity risks and recommend resources to respond to attacks, MeriTalk reported Wednesday.

Information technology leaders from the Department of Health and Human Services, Small Business Administration and NASA have outlined their IT priorities for 2018, FedTech reported Friday. Christopher Wlaschin, chief information security officer at HHS, said the department will prioritize and advance cybersecurity through four IT security areas. Those areas include …

Jeanette Manfra, assistant secretary for cybersecurity and communications at the Department of Homeland Security, has said she believes federal agencies should factor risks into information technology governance and procurement efforts, FedTech Magazine reported Tuesday. Manfra told audience during her keynote address at the 2017 Symantec Government Symposium held Tuesday that agencies make …

The Government Accountability Office has evaluated the Office of Personnel Management’s efforts to implement the U.S. Computer Emergency Readiness Team’s 19 recommendations to build up information security controls and practices following the data breaches in 2015 and found that OPM completed actions on 11 recommendations. GAO said in a report published …

The Department of Homeland Security considers plans to field the federal dashboard for continuous diagnostics and mitigation in the cloud, Federal News Radio reported Wednesday. “Definitely as we go forward we’re looking at doing more in the cloud, including potentially at some point in the future, placing the federal dashboard in …

A study led by the Department of Homeland Security‘s science and technology directorate has offered recommendations for the federal government to manage the security of mobile devices being used by agency employees. DHS said Thursday it submitted the report titled “Study on Mobile Device Security” to Congress in accordance with the Cybersecurity Act …