From: Nextgov
The new guidance also requires agencies to justify buying cyber monitoring tools that aren’t vetted by Homeland Security.
By Joseph Marks
***
The guidance also expresses White House approval for Homeland Security’s Continuous Diagnostics and Mitigation program, or CDM, which offers suites of pre-vetted cybersecurity tools to federal agencies.
In the future, agencies that want to buy continuous cyber monitoring tools that are not authorized parts of the CDM program must first send memos justifying their decisions to the Homeland Security office that manages CDM and to the federal chief information officer, the guidance states.
Leave a Reply