Host to millions of devices and employee-users, U.S. Federal Government networks monitor logs of millions of processes and interactions daily. Monitoring it all for cyber threats and vulnerabilities is as critical an undertaking as it is massive. Among the terabytes of data you'll find some of the world's most critical, sensitive, and valuable information. Social security numbers, tax filings, and agricultural commodities research are just a few examples.
Cybercriminals—be they thieves, hacktivists, or spies—have every incentive to interrupt, destroy, or exfiltrate any and all of it, and they are always trying. The Office of Personnel Management alone fends off 10 million cyber intrusion attempts every month.
Enter 'Continuous Diagnostics and Mitigation'
To address this constant and evolving threat, the Department of Homeland Security (DHS) established the Continuous Diagnostics and Mitigation (CDM) program, a multi-phased approach to outfitting federal agencies with the skills, insight, and tools necessary for effective cybersecurity.
Since Booz Allen partnered with DHS on the first phases of CDM in 2015, we’ve helped 13 cabinet-level agencies improve security for over 4 million computers and 80 percent of .gov networks. In February of 2018, we were selected as the first prime contractor under CDM’s next chapter—the Dynamic and Evolving Federal Enterprise Network Defense program (DEFEND)—with a $621 million single-award, 6-year task order.
“Our understanding of these agencies and the resources CDM provides them is unmatched,” says Greg Decker, chief engineer of Booz Allen’s CDM-support program. “Combine that with our deep bench of expertly certified cyber practitioners and we’re the clear best choice for CDM operationalization support.”
Answering Essential Questions in Two Phases
For phases one and two of CDM, we’re helping agencies fully answer two questions that are foundational to any major cybersecurity undertaking:
- What is on their networks: What devices, what equipment, what software?
- Who is on their networks: Who are the regular users and what are their access privileges?
With phases three and four now underway, we’re helping them nail down the answers to a couple more essential questions:
- What is happening on their networks: What events and activities form the baseline of their day-to-day network traffic?
- How is the data on their networks being protected as it resides on and travels between an increasing number and variety of devices?
“These phases add up to gaining and maintaining the visibility to be able to answer all four of those questions continuously and in near real time,” Greg says. “That’s what you need to support truly risk-based decision making.”
Beneath that overarching goal are many smaller objectives that will help agencies overcome some of government’s most persistent cybersecurity challenges.
One such challenge is the tension between a sector-spanning shortage of top-tier cyber talent and the labor-intensive reporting demands of laws like the Federal Information Security Management Act (FISMA). “Agency employees spend a tremendous amount of time gathering data for reports to answer FISMA requirements,” Greg says. “One of the solutions that we support automates that, so you can go to your CDM dashboard and find the metrics you need right there, ready to be reported on in almost real time.”
Another key challenge is improving federal-wide governance of cyber policies and procedures. Many agencies are federated to an extent that their approaches to cyber vary significantly from office to office. The Federal Information Technology Acquisition Reform Act (FITARA), passed in 2014, aims to change that. “FITARA is driving agencies to centralize more of the governance around their IT and security,” Greg says. “Our CDM support helps facilitate that by establishing common policies and providing common capabilities across all agencies.”
Looking to ramp up CDM operationalization efforts at your agency? Booz Allen can help. With our mastery of CDM resources and intricate understanding of agency cultures and missions, we’re your guide for planning and execution at any stage of the program.