The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program has made major progress in its efforts to help federal agencies deploy endpoint detection and response (EDR) technologies on their networks, a top CISA official said on June 9.
At the Axonius Adapt in Action conference in Washington, D.C., Matt House – CISA’s program manager of CDM – said the CDM program has “completed all of our efforts to support agencies deploying EDR capabilities.”
It has long been a key goal of the program to spread the cybersecurity solution across the government, with House laying out EDR progress as a top priority when he was named CDM program manager in 2022.
His positive progress report came after the Government Accountability Office (GAO) last year called for speeding up CISA’s EDR efforts.
“The Office of Management and Budget (OMB) established expectations that CDM would support federal cybersecurity efforts on … endpoint detection and response,” GAO said in a report on the CDM program.
“However, CISA had not finalized key activities to support endpoint detection,” the report said. “CISA’s actions to implement an endpoint solution for all agencies … would improve the cybersecurity posture of federal agencies.”
House’s remarks were part of a broader victory lap he took in a speech that hailed the CDM program’s progress in areas such as improving visibility, onboarding agencies onto the CDM dashboard, and working to meet Trump administration goals to cut costs by consolidating cybersecurity investments.
“We will be hitting our 14-year anniversary in October, so we are officially teenagers, and it’s been quite the journey for the program over the last decade,” he said. “What we have operational in many ways exceeds significantly what we initially thought we could do well over a decade ago.”
The CDM program provides federal agencies with tools to monitor vulnerabilities and threats to their IT systems in near real-time.
The program also equips each agency with a dashboard for tracking its cyber situational awareness data, which feeds into a federal dashboard. The federal dashboard allows CISA and the Office of Management and Budget to get a government-wide view of agency cybersecurity information.
In his remarks, House said CDM has helped gain visibility into potential threats to a level that “positions us to better support our agency customers in a way that just wasn’t possible” when the program began in 2012.
“We have the ability through that visibility to act effectively to combat cyber threats from foreign adversaries,” he said.
House cited extensive progress in dashboarding, which he described as “near and dear to my heart …We’ve succeeded in onboarding all agencies into our dashboard.”
He also praised the CDM program’s success in forging partnerships with federal agencies and industry.
“What we can share with agencies back and forth supports an overall federal cyber coordinated response capability, and that is really kind of like the north star for me,” he said.
Going forward, House said his goals for CDM include modernizing data collection capabilities and improving the program’s business model “to address our future contract support needs.”
But he acknowledged that with the threat environment constantly evolving, no one can know the future of federal cybersecurity needs.
“I don’t think we can accurately predict what we’re going to have to do in January of 2028, for example, to meet the threats of the day,” House said.