Achieving enterprise security to support agency services

By Dan Chenok and John Lainhart

By Dan Chenok and John Lainhart

|

Dan Chenok and John Lainhart explain why CDM is set to play a central role.

computers and globe_data sharing

Increased connectivity has transformed and improved access to government. Citizens today can connect with government agencies and leaders in ways that were unimaginable just a few years ago.

This connectivity, however, has also increased the importance and complexity of our shared risk. Ever-increasing cyberattacks on federal government networks are growing more sophisticated, aggressive and dynamic. It is paramount that as the government continually provides essential services to the public, agencies safeguard information from theft and networks and systems from attacks while protecting individual privacy, civil rights and civil liberties.

In order to provide for effective and efficient information for citizens and businesses online and in real time, agencies are taking advantage of applications that allow ongoing visibility into threats, vulnerabilities and incidents on their networks. The government's use of this category of applications is central to the Department of Homeland Security's Continuous Diagnostics and Mitigation program -- a dynamic approach to fortifying the cybersecurity of computer networks and systems.

The CDM program provides capabilities and tools that enable network administrators to see the state of their respective networks at any given time, understand the relative risks and threats, and help system administrators identify and mitigate flaws at near-network speed.

DHS established the CDM program to support government efforts to provide adequate risk-based and cost-effective cybersecurity. CDM -- which is also available to state, local and tribal government entities -- provides stakeholders with the tools they need to protect their networks and enhance their ability to identify and mitigate cyber threats. It also offers a path to providing greater intelligence about enterprise security.

In addition, CDM complements the risk-based approach to security that agencies can use to ensure a comprehensive program that enables missions while effectively safeguarding assets, relying on National Institute of Standards and Technology guidance for implementation across a broad range of agency activities.

Even with strong efforts across the government, the Government Accountability Office and inspectors general offices report that security continues to be a challenge for federal agencies. That reinforces the strong support across the federal government for CDM and its call for more automated and proactive approaches to controlling and protecting federal data and systems, which departments, agencies and component levels all need to accelerate their move to enterprise security intelligence.

CDM enables agencies to move from a reactive manual approach, which relies on often-heroic human actions to protect federal data and systems, to one of predictive and automated security analytics, where data and systems are protected by automated decision-making and leveraging the human knowledge to make sound security decisions based on risk, vulnerabilities and consequences.

A holistic, intelligent approach to security that helps organizations combat the increase of cyberattacks, insider threats and advanced persistent threats provides the enterprise security that most organizations have found elusive to date. This approach relies on an architecture for security intelligence operations that comply with the increase of mandates and federal regulations. Such an effort also correlates assets, threats and vulnerabilities to create situational awareness for sound risk management decisions.

To implement this approach, agencies benefit from solutions that can efficiently process billions of events from multiple devices and transform them into actionable incidents based on risk and threat analysis. By doing so, enterprises can actively and accurately predict, prevent, react to and remediate security risks in their organization, ultimately achieving a more "intelligent" approach to managing security that automates and streamlines systems and security management to lower the total cost of managing IT assets -- securing mobile devices, laptops, desktops and servers that are physical or virtual, on or off network, personal or corporate-owned.

This enterprise strategy for security makes new technologies, such as cloud and mobile, more secure -- especially when coupled with agency actions to assess their security posture, develop a strategy, design a strategic architecture, implement security and privacy controls, and manage the solutions. As this real-time, continuous diagnostics and mitigation approach matures and is integrated with sustained attention to risk-based approaches to managerial and operational controls, agencies will be able to more effectively address the challenges of securing their people, data, applications, transactions and infrastructure.

NEXT STORY: Streamlining storage, an Adobe CTO, a China cyber offer and more

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.