Continuous Diagnostics And Mitigation (CDM) Program Q1-2023

  • OMB Memorandum M-14-03 and the Continuous Diagnostics and Mitigation (CDM) Program.
  • In 2012, the Office of Management and Budget identified continuous monitoring of federal IT networks as one of 14 Cross-Agency Priority (CAP) goals.
  • To support federal departments and agencies in meeting the CAP goal, the Department of Homeland Security (DHS) established the CDM Program.
  • The Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems.
  • The CDM Program provides DHS and federal agencies with capabilities and commercial off-the-shelf (COTS) tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based on potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.
  • Agency-installed sensors are deployed and perform an ongoing, automated search for known cyber flaws. Results from the sensors feed into an agency dashboard that produces customized reports that alert network managers to their most critical cyber risks.
  • Congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and more efficiently allocate cybersecurity resources.
  • The program also allows security postures to be compared among agency networks. Summary information feeds into a Federal enterprise-level dashboard to inform and provide situational awareness of cybersecurity risk posture across the Federal Government.