While the Coronavirus pandemic has exposed fundamental weaknesses across government systems, the Continuous Diagnostics and Mitigation (CDM) Program has continued to support Federal agencies’ efforts to securely manage data and networks.
Earlier this year, many agencies started to leverage CDM’s cloud-hosted dashboards for greater scalability and visibility. At the same time, Federal IT leaders noted the need for improved data quality, agency trust in data, visibility into datasets, and identity and access management tools.
Phase 4 of the program focuses on the core question, “how is data protected?” According to Federal CISO, Grant Schneider, who shared at MeriTalk’s CDM virtual conference, risk management is a big focus for agencies – especially through the pandemic, which has expanded the distributed workforce as well as attack surfaces.
“We are also very concerned about people’s personal information infrastructures at home and the cybersecurity posture of those, which is something as technologists we technically cannot do anything about, so we have to focus on awareness and awareness training,” said Schneider.
Schneider noted that CDM is a key tool that provides agencies with far more situational awareness of what is happening on their network, who is operating on the network, and how to manage agency-level and enterprise cybersecurity risk. He said that all CFO Act agencies, as well as several small and micro agencies, are leveraging CDM to accomplish these goals.
With the strong possibility of continued telework, Schneider says CISA is working with agencies to expand CDM into the cloud. As such, Phase 4 of the program is critical – prioritizing data protection and management under the Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) task orders. This phase supports the program’s overall goals: identifying risks, prioritizing risks based on impact, and enabling cybersecurity personnel to tackle the most significant problems first.
“We have to be prepared at all times and able to quickly do something with the data and information that we are getting because that is what allows us to implement mitigations, to understand when we are seeing an attack-site surface,” Schneider said.
A MeriTalk study showed that 90% of CDM stakeholders believe cybersecurity adversaries are out-pacing agencies’ best efforts to keep up1. For proactive response, agencies need a streamlined view of their data, as well as potential and active threats. And, data backup solutions are key for rapid recovery from attacks.
David Siles, Global Field Chief Technology Officer for Rubrik said the pandemic has refocused agencies’ energy towards data protection, and data and risk management, during an exclusive Q&A with MeriTalk. Rubrik has seen an increase in cyberattacks across the Federal government, as well as state and local governments.
“The threat of ransomware is the pandemic within the pandemic. The bad actors in the world have taken COVID-19 as an umbrella to cover their crimes,” Siles said.
“It is important to have a resilient platform with immutability and defenses in place to help enable recovery in the event of a cyberattack. Because of the remote workforce, data is moving beyond the four walls of the primary location. We need to ensure that data is moving securely and it is staying protected. Having a platform that gives you that basis of security, resiliency, and immutability is fundamental in the landscape of today,” he noted.
Siles said that agencies need to reevaluate how they do remote computing, leverage automated data protection, and enable IT teams to manage data globally, no matter where it lives – whether in a primary data center or the cloud. This allows agencies to mobilize data securely, to support their remote workforce not only during COVID-19 but in the future as well.
Data is compounding faster than it can be managed manually, Siles says. He noted, “the only way for agencies to truly achieve digital transformation at scale is through automation and effective policy. It is a core requirement of many agencies already and CDM is going to leverage automation as much as possible to reduce data risks.”
Agencies must understand how to protect vital cloud and mobile environments, essential to Federal telework at scale, and how to operationalize and securely manage data, no matter where it is. Just 17 percent of Feds say their agencies can address CDM’s data protection management capability in real-time1.
Moving forward, Schneider said the question becomes, “How are we able to collect the data and information within the CDM environment and get that ported over and shared across agencies and shared across the enterprise as quickly as possible? How do we do that in real-time?”
[1] MeriTalk “CDM: The Next Chapter” (2020)