CISA Official Says CDM Program Upgrades to Enhance Cyber Threat Visibility

A Department of Homeland Security official said the Continuous Diagnostics and Mitigation program will use enhanced visibility across federal networks to identify technologies vulnerable to cyber threats.

Michael Duffy, associate director of capability building at the Cybersecurity and Infrastructure Security Agency, said in a blog post that CDM’s operational and incident response elements will be improved to ensure operators have a clearer picture of the cyber threats that could affect systems. Duffy also noted that CISA’s cyber defense operators use CDM dashboards to support incident response.

As part of CDM’s evolution, CISA incorporated robust endpoint detection and response tools with CDM dashboard capabilities to help users understand threats better, Federal News Network reported.

According to Duffy, CDM evolution has focused on operational risk reduction and has produced significant results since the start of the year. Earlier this month, CISA operators used CDM capabilities to inform agencies of the MOVEit Transfer vulnerability and looked for cyberthreat activities within networks using CDM EDR.

CISA also recently said 55 percent of U.S. federal agencies automatically submit reports through CDM, exceeding its target ahead of schedule. CISA plans to achieve 85 percent automated reporting and will monitor other CDM elements as part of its efforts to improve the program.

In spring, all 23 Chief Financial Officer Act agencies started sharing cyber risk information with CISA through CDM Agency Dashboards.