The Continuous Diagnostics and Mitigation (CDM) program that aims to improve Federal civilian network defenses is seeing an “extremely busy” 2021 following high-profile cyber breaches targeting government and private-sector networks, and government moves to open up the funding spigot to the program, a senior CDM program official said during MeriTalk’s June 10 “CDM: More Critical Than Ever” webinar.
Richard Grabowski, the program’s acting deputy program manager, provided the latest assessment on CDM demand while addressing key points of fresh research from MeriTalk showing that nine out of 10 Federal IT decisionmakers believe that the SolarWinds Orion software supply chain breach should be a catalyst to rethink Federal civilian cybersecurity practices.
Both the Biden administration and Congress have taken bold steps to beef up cybersecurity funding and strategy following the high profile SolarWinds, Microsoft Exchange, and Pulse Connect Secure hacks that have come to light since late last year.
On Capitol Hill, lawmakers approved a $650 million funding infusion for the Cybersecurity and Infrastructure Security Agency (CISA) that runs the CDM program, and the Biden administration’s cybersecurity executive order unveiled last month puts major emphasis on installing endpoint detection and response capabilities on Federal networks – one of the hallmark functions of the CDM program.
Those actions, Grabowski said, “show the amount of additional mission space that the program is getting,” adding that the CDM program is “very unique and important” to the government’s new drive to improve Federal agency security.
“It’s very encouraging to see that kind of support from CISA and Congress,” he said. “I think it’s more critical than ever for us to execute.” The additional funding, Grabowski said, will keep CDM program “extremely busy” in 2021.
Karen Evans, who was CIO at CISA’s Department of Homeland Security (DHS) parent agency last year when news of the SolarWinds breach emerged, said during the MeriTalk webinar that she agrees with the research’s top-line finding that the attacks can be a catalyst to reconsider security strategies.
“Absolutely, it’s time for us to rethink security,” said Evans, who also is a former senior cybersecurity official at the Energy Department, and now a partner at KE&T. “It’s an opportunity; every crisis is an opportunity,” she said of the breach.
Evans also offered praise for the degree of coordination between the government and the private sector in response to the attack. “Our industry partners stepped up,” she said. Absent that help, “I don’t know fast we would have been able to detect and squeeze them out of the network.”
Grabowski seconded the value of the CDM program’s extensive relationship with industry partners.
“Our bread and butter is dealing with industry and bringing technologies to agencies,” he said. Speaking of the wide range of security products that agencies can choose from to implement the program’s aims, he said, “there are hundreds of thousands of SKUs out there. That speaks volumes about how we are dealing with industry.”
Discussing MeriTalk’s research findings that most respondents believe the SolarWinds breach has increased the importance of the CDM program, but that only one in five give the program an “A” grade for promoting network resilience after a breach, Evans countered that Federal agency IT leaders need to adjust their expectations for what the program can do.
“Part of this is what peoples’ expectations are of the CDM program,” she said. “If you take a look at expectations versus implementation … that’s where you see the difference.” The CDM program can offer a lot to agencies, “but the implementing agency has to take the steps,” she said.
For the full story from CDM program experts, please access the complimentary webinar.