NIST SP 800-137

From: MeriTalk

Booz Allen Hamilton has won a task order worth up to $1.03 billion to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group D Federal agencies, according to contracting information on the General Services Administration’s (GSA) Federal Procurement Data System.

Group D includes GSA, the Departments of the Treasury and Health and Human Services, the Social Security Administration, National Aeronautics and Space Administration, and the U.S. Postal Service. The award was made on July 24, according to GSA contract data, and includes a base year with five one-year options, which would bring the program to July 2024 if all options are exercised.

From: Homeland Preparedness News

by Dave Kovaleski

***

“CDM is a critical component of our national cybersecurity strategy. Supporting DHS Under Secretary (Christopher) Krebs’ effective deployment and ongoing improvement of CDM at NPPD is a top priority of the Cybersecurity and Infrastructure Protection Subcommittee,” Ratcliffe, chairman of the Cybersecurity and Infrastructure Protection Subcommittee on the House Homeland Security Committee, said.

The goal of the bill is to boost the long-term success of the CDM program by making sure it keeps pace with innovative capabilities in the private sector. This will help ensure that CDM continues to evolve and adjust to the changing cyber threat landscape. It will also require DHS to develop procedures for reporting systemic cybersecurity risks and potential incidents based on data collected under CDM.

From: Washington Technology

By Ross Wilkers

CGI Federal has won a task order with a potential value of at least $500 million for cybersecurity services to five federal agencies under the government-wide Continuous Diagnostics and Mitigation Program.

This order covers tools and services for departments of Commerce, Justice, Labor and State; plus the U.S. Agency for International Development. Those are “Group C” agencies under the larger $3.4 billion CDM DEFEND umbrella program run by the Homeland Security Department.

Read Complete Article

From: Federal News Radio

By Jason Miller

The Nuclear Regulatory Commission’s implementation of phase one of the continuous diagnostics and mitigation (CDM) program fell behind schedule by as much as nine months.

In June, the agency issued a sole source justification authority to continue to pay Enterprise Services— formerly HP Enterprise Services — $389,000 for another year of work on phase one.

Read Complete Article

From: FedScoop

WRITTEN BY Carten Cordell

***

The CIO added that his team is also leveraging the Department of Homeland Security’s Continuous Diagnostic and Mitigation program both as a shared service provider across the Commerce Department’s disparate systems, but also to look for possible supply chain vulnerabilities that could affect its networks when new technology is on-boarded.

“Census has used that significantly, that supply chain effort, and we have in fact found things. I’ll just leave it at that,” he said.

Read Complete Article