by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : February 2015
I f there is one thing government technology professionals know, it’s that no system—no matter how many tools and staff are dedicated to it—is fully secure. Agencies have spent the last two decades working hard to keep up with the changing nature and breadth of cyber-threats, but most acknowledge that it’s time for a new approach. Enter CDM. The Continuous Diagnostics & Mitigation method encourages agencies to approach cybersecurity in a more holistic, automated, measurable, and continuous way. Based on standards from NIST, CDM focuses on providing agencies with comprehensive visibility into assets and activities across the network, the ability to measure all risks, and full accountability of staff to follow plans and policies. CDM is a deliberate attempt by government to move from the reporting rules of FISMA and the progress made through continuous monitoring to more comprehensive, effective security monitoring and mitigation. Once fully rolled out, all federal agencies will have the tools and processes to protect their networks and infrastructure from cyber-threats. Even Congress has stressed the importance of CDM as a priority throughout government. The DHS 2015 appropriations bill specifies that part of the $140 billion set aside for the Federal Network Security program should be used “to provide adequate, risk-based and cost-effective cybersecurity to address escalating and rapidly evolving threats to information security, including the acquisition and operation of a continuous monitoring and diagnostics program”. The CDM program will be implemented in three phases. In the first phase, currently in progress, agencies are tasked with satisfying the first four of 15 functional areas: hardware and software asset management, vulnerability management, and configuration-setting compliance. During this phase, agency networks must be scanned at least once every 72 hours for potential attacks or vulnerabilities. Agencies also should install or update their sensors and start performing automated searches for potential vulnerabilities. CDM makes the difference Whether it’s a security risk to the network, applications, data, an Internet-connected sensor, mobile device with access to network resources or a cloud-based system, CDM controls can make a big difference. They do so by providing a holistic view across the enterprise so you can understand the assets you have, the role of those assets in your organization, and where those risks are arising. “With that information, you can quickly evaluate potential negative impacts to the organization and make sure you resolve and remediate the most potentially damaging risks first,” says Robert Potter, Vice President, US Federal at security, storage and systems management solutions provider Symantec. The key underlying concept of CDM is to fix the worst problems first, which puts the focus squarely on risk prioritization and management. That means expanding the risk management framework to fully understand critical applications, data sets, personnel and key vulnerabilities. CDM takes that up a notch with real-time monitoring, automation and big data analysis, which allows IT staff to access Making a Success of CDM CONTINUOUS DIAGNOSTICS & MITIGATION Sponsored Content FCW_Carahsoft_4pg_Insert_final4.indd 1 1/23/15 1:32 PM
March 15, 2015