CISA’s Connelly Details TIC, CDM Collaboration

Cloud Computing Brainstorm 2019 - Sean Connelly

Cloud Computing Brainstorm 2019 - Sean Connelly

Sean Connelly, Trusted Internet Connections (TIC) Program Manager at the Cybersecurity and Infrastructure Security Agency (CISA), detailed at MeriTalk’s CDM Central: Tales from the Frontlines virtual event today how TIC and the Continuous Diagnostics and Mitigation (CDM) program work together to bolster Federal cybersecurity.

While TIC has a greater focus on protecting the network perimeter and CDM provides agencies with a platform to monitor cyber vulnerabilities, both programs are housed within CISA and focus on providing tools to Federal agencies to prevent cyberattacks. As more agencies move to the cloud and attack vectors change, Connelly explained that the network perimeter is also changing, and the TIC and CDM offices complement each other “to further provide a comprehensive approach to cybersecurity best practices.”

“Between the TIC team and the CDM team at CISA, many people are familiar with both programs. Both rely on the same engineering team between the two programs,” Connelly said. “TIC PMO [Program Management Office] also works the CDM PMO to develop all of those capabilities and how to monitor them.”

As CDM tools offer visibility into cloud environments, Connelly added, TIC will evaluate agencies’ use cases, security patterns, and capabilities to further strengthen cybersecurity efforts.

The evolution of cybersecurity is a key point in the TIC 3.0 guidance. To address the new challenges of a changing perimeter, TIC 3.0 supports a multi-boundary approach by establishing “trust zones,” or security boundaries, throughout the environment rather than a security perimeter around the environment.

When the COVID-19 pandemic led the Office of Management and Budget to direct agencies to quickly pivot to telework, CISA released the TIC 3.0 Interim Telework Guidance to help agencies use tech for mission continuity in a secure manner. While drafts of the full TIC 3.0 guidance have been out for some time, Connelly confirmed today that the core TIC 3.0 guidance will be released in its final form this summer.

Please visit CDM Central: Tales from the Frontlines for on-demand replays of today’s conference sessions. Then continue the conversation on July 15 at 1:30 p.m. EDT with MeriTalk’s CDM: The Next Chapter webinar that explores our recent survey of government and industry stakeholders to catalog progress and chart the path forward for the program.

Categories

Recent