UNCLASSIFIED/FOR OFFICIAL USE ONLY. Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing



Similar documents
Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Middle Class Economics: Cybersecurity Updated August 7, 2015

Network Security Deployment Obligation and Expenditure Report

Enterprise Security Tactical Plan

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management

For More Information

Continuous Diagnostics & Mitigation:

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

CDM Vulnerability Management (VUL) Capability

EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C October 30, 2015

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

Network Security Deployment (NSD)

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

Management (CSM) Capability

Why Cybersecurity Matters in Government Contracting. Robert Nichols, Covington & Burling LLP

Cyber Security Metrics Dashboards & Analytics

Obtaining Enterprise Cybersituational

The Comprehensive National Cybersecurity Initiative

Actions and Recommendations (A/R) Summary

CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security

No. 33 February 19, The President

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

Department of Homeland Security INFORMATION TECHNOLOGY STRATEGIC PLAN

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE

RSA CYBERSECURITY POVERTY INDEX 2015

FY15 Quarter 1 Chief Information Officer Federal Information Security Management Act Reporting Metrics V1.0

Commercial and Government Information Technology and Industrial Control Prodnct or System Vulnerabilities Equities Policy and Process (U//FOUO)

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

CDM Hardware Asset Management (HWAM) Capability

Report via OMB s Integrated Data Collection (IDC), 10

Defense Security Service

National Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009

Data Security Concerns for the Electric Grid

Manage Vulnerabilities (VULN) Capability Data Sheet

FREQUENTLY ASKED QUESTIONS

Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention

future data and infrastructure

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Cybersecurity Enhancement Account. FY 2017 President s Budget

GAO Information Security Issues

Diane Honeycutt National Institute of Standards and Technology (NIST) 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011

Access FedVTE online at: fedvte.usalearning.gov

STREAM Cyber Security

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Department of Homeland Security

DoD CIO s 10-Point Plan for IT Modernization. Ms. Teri Takai DoD CIO

Regulatory Compliance Management for Energy and Utilities

Audit of NRC s Network Security Operations Center

THE EVOLUTION OF SIEM

Written Testimony. Dr. Andy Ozment. Assistant Secretary for Cybersecurity and Communications. U.S. Department of Homeland Security.

A Primer on Cyber Threat Intelligence

ANNUAL REPORT TO CONGRESS: FEDERAL INFORMATION SECURITY MANAGEMENT ACT

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

The Importance of Cybersecurity Monitoring for Utilities

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Optimizing Network Vulnerability

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

The National Cybersecurity Workforce Framework Delaware Cyber Security Workshop September 29, 2015

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

Software Asset Management (SWAM) Capability Data Sheet

Information Security Risk and Compliance Series Risking Your Business

L evoluzione del Security Operation Center tra Threat Detection e Incident Response & Management

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

CAPTURE-THE-FLAG: LEARNING COMPUTER SECURITY UNDER FIRE

National Initiative for Cyber Security Education

Supplemental Tool: NPPD Resources to Support Vulnerability Assessments

HWAM Capability Data Sheet

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

PUTTING NIST GUIDELINES FOR INFORMATION SECURITY CONTINUOUS MONITORING INTO PRACTICE

Information Technology Risk Management

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

MEETING CSIP OBJECTIVES WITH AN AUTOMATED AND PREVENTIVE SECURITY APPROACH

CDM Software Asset Management (SWAM) Capability

Why should I care about PDF application security?

Transcription:

UNCLASSIFIED/FOR OFFICIAL USE ONLY Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing

What is CDM? UNCLASSIFIED/FOR OFFICIAL USE ONLY The CDM program is a dynamic implementation approach to fortifying the cybersecurity of computer networks and systems. The CDM Program provides capabilities and tools that enable network administrators to know the state of their respective networks at any given time, by identifying and ranking problems for priority resolution. Continually monitoring networks for flaws and anomalies will alert network managers to attacks and intrusions, thereby enabling faster responses to fix vulnerabilities that allow attacks. CDM s intent parallels the national priority for hardening network defenses. CDM offers commercial off-the-shelf (COTS) tools, with robust terms for technical modernization as threats change. The CDM Program helps protect government IT networks from cybersecurity threats and enhances risk-based decision-making. 2

UNCLASSIFIED/FOR OFFICIAL USE ONLY CDM Concept of Operations Funding/Procurement Expectations Address.gov agency continuous monitoring gaps Develop federal/agency dashboards Strategic sourcing Objective: Harden federal networks in face of attacks Scope: o Unclassified.gov systems with FY 2013 funds o Open contract to other federal, state and local use o Create a federal dashboard to feed CyberScope 3

UNCLASSIFIED/FOR OFFICIAL USE ONLY How CDM Works Agency-installed sensors that perform an automated search for known cyber flaws; Results feed into dashboards, which produce customized reports, alerting IT managers to their worst and most critical cyber risks based on standardized and weighted risk scores; Prioritized alerts, enabling agencies to efficiently allocate resources based on the severity of the risk; and Progress reports that track results which can be shared within agencies. Summary information can be fed into an enterprise-level dashboard to inform and prioritize cyber risk assessments. 4

UNCLASSIFIED/FOR OFFICIAL USE ONLY Expected Benefits Achieves cost savings through tiered-price and task order discounts, enabling more efficient use of scarce resources; Utilizes consistent application of best practices and Commercial Off-the- Shelf (COTS) products; Provides near-real time results; Prioritizes the worst problems within minutes, versus quarterly or annually; Enables defenders to identify and mitigate flaws at network speed; and Lowers operational risk and exploitation of government IT systems and networks. 5

UNCLASSIFIED/FOR OFFICIAL USE ONLY CDM Implementation Phases 6

UNCLASSIFIED/FOR OFFICIAL USE ONLY CDM Capabilities FY13 FY13 z FY13 FY13 7

Participation Status Current CDM Program Participation 124 agencies have been contacted (representing 286 D/A and components) 105 agencies are eligible to participate in the CDM Program and Early All 23 CFO Act agencies are participating Early Engagement Group is in operation 8

9

Delivery Order 1 (Commodities Only) RFQ released November 8, 2013 Proposals received at GSA November 22, 2013 Evaluations are under way Award will be in early 2014 Expect to include more than 25 D/As Participants will be contacted to obtain delivery information (accountable property officer and instructions) Additional products and services to complete the CDM solution for TO 1 recipients will be from TO 2.1 10

Task Order 2 Approach Breakdown TO2 to support subgroups 2.1 Services Subgroup 2.2, 2.3, 2.4 Enterprise and Gap Filler Subgroups Streamline requirements where possible Reduce the amount of time required to setup acquisition, release the solicitation, evaluate, and make award while minimizing the likelihood of a protest. Identify and reduce complexities related to execution and management of each subgroup Acquisition Activity CDM is looking beyond GSA FEDSIM to assist in processing task orders under the CDM CMaaS BPA Subgroups will be iterative in the roll out of Phase I capabilities. 11

Resources UNCLASSIFIED/FOR OFFICIAL USE ONLY CDM public website: www.us-cert.gov/cdm CDM ordering information: www.gsa.gov/cdm CDM Portal, Secure Community of Interest: https://connect.hsin.gov/cdm Contact Us: cdm.fnr@hq.dhs.gov 12