The CDM program, led by the Department of Homeland Security, provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis. The COTs solution enables government entities to expand their continuous diagnostic capabilities by increasing their network sensor capacity, automating sensor collections, and prioritizing risk alerts.
Conway feels that the government is indeed ready for CDM, citing an overall awareness of cyber threats combined with the knowledge that each agency cannot meet these threats alone. The defined guidance from the White House and DHS helps put a framework around monitoring activities.
CDM was designed to recognize the two core parts of risk management – asset awareness (knowing what technologies you have on your network) and threat awareness (knowing who wants to get on your network). Conway states that the CDM program can be successful because it is more than just throwing technology at a problem; it also has a set of standards and processes that agencies should implement as part of their holistic cyber posture.
For those agencies in the early stages of CDM, Conway advises them to embrace automation (you’ll never have enough people to address the problem) and focus on the pieces that give you the most accurate and actionable results.