Industry Executives Say CISA Needs to Expand CDM to Cover Larger Agencies

Cybersecurity experts said the Cybersecurity and Infrastructure Security Agency needs to strengthen its threat-hunting capabilities and visibility across the federal network.

Stephen Zakowicz, vice president of CGI Federal, said CISA’s Continuous Diagnostics and Mitigation shared service model may not work for larger federal agencies because of unique needs that are not covered by the program. However, Zakowicz noted that federal agencies could still use the CDM shared service model if they could see benefits such as reduced operating costs and improved cybersecurity capabilities.

Brian Gumbel, president of the cybersecurity firm Armis, suggested that CISA expand CDM to include internet of things devices, operational technology devices and other technologies. He also suggested that the agency reach out to other federal leaders to create a holistic view of the U.S. cybersecurity landscape, Federal News Network reported.

The experts’ comments come amid CISA’s efforts to improve the CDM program.

Earlier in September, CISA senior engineer Ross Foard shared that his team is looking at how to integrate access management capabilities into CDM. According to Foard, access management would prevent unauthorized access and ensure that agencies comply with federal information security requirements.

In July, Michael Duffy, CISA’s associate director of capability building, announced improvements to CDM’s operational and incident response elements to give cyber operators better insights into the United States’ cybersecurity landscape.