Budget, workforce challenge CDM implementation

From: FCW

By Lauren C. Williams

Industry representatives told a House panel on Jan. 17 that a key cybersecurity program aimed at protecting federal networks was making progress, but budgetary and workforce setbacks are contributing to implementation delays.

The four-phase $6 billion Continuous Diagnostics and Mitigation program is designed to give civilian agencies access to tools and personnel to secure networks, identify trusted users and monitor network traffic.

Read Complete Article


Shutdown could make it harder to prevent cyberattacks

From: Federal Times


As Congress looks likely to pass its fourth continuing resolution in five months, agencies will have a hard time procuring cybersecurity technologies through the Department of Homeland Security’s Continuous Diagnostics and Mitigation program and be forced to deal with shorter appropriations timetables.


The 2018 fiscal year occurs from Oct. 1, 2017, to Sept. 30, 2018, meaning that, even should Congress pass a complete appropriations bill by Friday, Jan. 19, agencies will have just over eight months of funding to work with when procuring technology for their CDM programs.


CDM: Making US Federal Agencies More AWARE of Cyber Exposure

From: Security Boulevard

by Chris Jensen

At a recent Tenable sponsored MeriTalk event, Kevin Cox, program manager for Continuous Diagnostics and Mitigation (CDM), provided a preview of coming attractions regarding the CDM federal dashboard. As of this writing, the CDM dashboard is in its initial production stage, with agency exchanges being set up to aggregate the data to be fed into the dashboard. At least five agencies are reportedly on track to have data uploaded to the CDM dashboard during the first quarter of 2018.


How DHS’ automated information sharing program continues to evolve, grow

From: Federal News Radio

By David Thornton

DHS’ Automated Information Sharing program is going well, according to Jeanette Manfra, Assistant Secretary of Cybersecurity and Communications in National Protection and Programs Directorate at DHS. She said the program now has more than 200 entities — companies, or information-sharing entities representing multiple businesses — signed up to receive the information DHS shares to help prevent cyber attacks.


This is part of the department’s preparations of what it calls TIC 3.0. DHS is attempting to address some of the most common agency challenges to using trusted internet connections, including manual reporting.