Important Updates to DHS’s CDM Program Help Ensure Programs Effectiveness

The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program is a key component of the federal government’s cybersecurity posture. This important program provides real-time, continuous monitoring of federal networks while also auditing networks for unauthorized changes.

While the CDM program has been a boon to the security of many civilian agencies, there are opportunities to make it even stronger, and recent legislation introduced in both the House and Senate is vital to the continued success of the program. Just this month, Reps. John Ratcliffe (R-TX) and Ro Khanna (D-CA) introduced the Advanced Cybersecurity Diagnostics and Mitigation Act, which codifies the CDM program and encourages further innovation that will improve the federal government’s cyber readiness for years to come,  helping prevent cyberattacks and intrusions by bad actors.

In addition to officially codifying the program, this bill includes other important requirements that will keep CDM up to date and effective, including:

• The deployment of new CDM technologies
• The availability of CDM capabilities for civilian departments and agencies, as well as state and local governments
• A mandate that DHS develop a strategy to ensure CDM is constantly preparing for the changing cyber threat landscape

Perhaps most importantly, this bill puts a new focus on continuous monitoring as a capability that tools federal agencies use every day should have. This key focus is critical to enabling the federal government to better handle and respond to cyberattacks and other intrusions. While preventing these types of attacks is always the priority, Congress must also equip the federal government with the tools they need to properly handle the worst-case scenario: an attack that impacts the government’s ability to function or one that puts sensitive information at risk.

At McAfee, we’re working every day to help federal, state and local governments better prepare for the threats of today and tomorrow, both on-premises and in cloud and multi-cloud environments. CDM is an ideal vehicle for agencies to use cloud to secure and protect citizen data, provide modernized services and more. Indeed, moving applications and infrastructure to the cloud is one of the innovations CDM should encourage.

Reps. Ratcliffe and Khanna’s bill is identical to its Senate counterpart (S.2318), introduced earlier this summer by Senators John Cornyn (R-TX) and Maggie Hassan (D-NH). These two bills go a long way to building on CDM with important new language that focuses on the innovation companies like McAfee invest in every day to better secure the nation’s cybersecurity posture to better tackle the onslaught of cyber threats facing us every day. We look forward to continuing to work with leaders in Congress to tackle these important issues and to constantly improve CDM.