Tag Archives: Continuous Diagnostics and Mitigation

OIG Report: DHS Should Update Continuous Diagnostics and Mitigation Program Plan

Cybersecurity Talent

The Department of Homeland Security’s (DHS) office of inspector general (OIG) has recommended that the chief information security officer update DHS’ plan for the Continuous Diagnostics and Mitigation (CDM) program to demonstrate how the department will transition to a scalable CDM platform, ensure that components utilize tools to collect CDM data and integrate component data.

Read More »

Kevin Cox: CDM on Track to Field Cyber Dashboard at All CFO Act Civilian Agencies

Kevin Cox

Kevin Cox, Continuous Diagnostics and Mitigation (CDM) program manager at the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), said the program management office is on schedule to implement the CDM dashboard and related capabilities at 23 CFO Act agencies by the end of fiscal year 2021.

Read More »

CISA Seeks Visibility Capabilities Via Cloud Log Aggregation Pilots; Brian Gattoni Quoted

Lt. Col. Jody Ogle

The Cybersecurity and Infrastructure Security Agency (CISA) is working with several agencies and departments on pilot programs to determine whether it is feasible to aggregate cloud logs into a system that could help CISA analyze data and identify cyber threats. 

Read More »

Senate Lawmakers Ask CISA, OMB to Submit Docs Amid Probe Into Recent Cyber Hacks

Data-Centric Security

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, and Sen. Rob Portman, R-Ohio., ranking member of the Senate panel, have asked the federal government to provide information on its response to cyberattacks involving SolarWinds Orion and Microsoft Exchange. Portman and Peters asked DeRusha to provide information on the government’s current federal cybersecurity strategy

Read More »

CISA Issues Directive on Using Cybersecurity Tools to Detect Microsoft Exchange Server Risks

CISA Cybersecurity Tools

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental direction to help agencies use new tools for identifying vulnerabilities in their Microsoft Exchange Servers. CISA said Wednesday that the emergency directive recommends agencies to use the Microsoft Safety Scanner or Microsoft Support Emergency Response Tool (MSERT) as well as the Test-ProxyLogon.ps1 script.

Read More »

Brandon Wales: CISA Invests $650M in American Rescue Plan Funds for Threat Intell

Brandon Wales

The Cybersecurity and Infrastructure Security Agency (CISA) has earmarked $650 million from its  American Rescue Plan Act funding to transition its EINSTEIN threat intelligence system to various programs. The agency is additionally working to complete the Continuous Diagnostics and Mitigation (CDM) effort’s phases one and two which are slated to conclude in 2021. 

Read More »

Judy Baltensperger, Kevin Cox Share Plans for CISA’s Continuous Diagnostics and Mitigation Program

Supply Chain Security

The Cybersecurity and Infrastructure Security Agency (CISA) plans to provide in 2021 an updated Continuous Diagnostics and Mitigation (CDM) program that could help reduce reporting requirements for agencies while helping them improve security. Judy Baltensperger said most of the pilot agencies have moved their infrastructure to the cloud and that data quality certification will likely be carried out by the summer of 2021.

Read More »

OMB Chief Russell Vought Releases Memo on FISMA Reporting Requirements for FY 2021

Russell Vought

Russell Vought, director of the Office of Management and Budget (OMB), has issued a memo detailing reporting requirements and deadlines for agencies in fiscal year 2021 in compliance with the Federal Information Security Modernization Act (FISMA) of 2014. Vought said the updated FISMA guidance directs agencies to report to OMB the status of their data security programs. 

Read More »

Karen Evans: DHS Consolidates Network, Security Operations Centers

Karen Evans

Karen Evans, chief information officer at the Department of Homeland Security (DHS), said DHS is merging its security and network operations centers to keep systems operational as analysts respond and investigate a cyber incident. She said DHS is considering ways how to staff the newly formed network operations security center with federal and contract employees. 

Read More »

Updated CISA Federal Cybersecurity Strategy Directs Improved CDM Scores Through FY 2021

Emotet Malware

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to its action plan for strengthening federal cybersecurity in fiscal years 2020 through 2021. The initiative was led by Matthew Travis, the deputy director of CISA. CISA also cited evolving threat landscapes and limitations in cloud, network and encryption capabilities as challenges.

Read More »