Kevin Cox, program manager for the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, today detailed several priorities for the program office in FY2020 that begins next month. Those include focus on the Agency-Wide Adaptive Risk Enumeration (AWARE) algorithm, the new dashboard ecosystem, enterprise mobility management, cloud security, and protection of high-value assets.
Speaking at the Billington Cybersecurity Summit, Cox said the FY2020 priorities include:
- Undertaking “proofs of concept” of the dashboard ecosystem that will be built under a $276 million contract awarded to ECS Federal earlier this year. The proofs of concept will be handled “first in a lab environment, and then with participating agencies,” according to slides used by Cox. He said his office hopes this fall to “bring that technology out … to a handful of agencies to implement the dashboard ecosystem.”
- Working to integrate Federal agency enterprise mobility management mobile asset data into agency CDM dashboards, following completion of efforts to discover that data.
- Undertaking proof-of-concept work on cloud security, following completion of cloud discovery efforts. According to Cox’s presentation slides, the program office plans to “work with the DHS team, agencies, system integrators, and DHS Cybersecurity Division partners to determine the right approach and scope for a cloud security proof of concept.”
- Expanding “pilots/proofs of concept” with additional Federal agencies on high-value asset protection activities. The program office plans to “explore the possibility of having at least one pilot per DEFEND group,” according to presentation slides.
On that last item, Cox elaborated, “We have begun pilots in a few high-value asset requirements, again these are the most mission-critical systems … on the civilian side. They have some of the most sensitive data.” He continued, “we are looking to see what kinds of technology are needed … whether it be data rights management, data loss prevention, so those efforts are underway.”
“And then with each of the task orders we have in place, for the groups across the agencies, we have different Requests for Service, so for some of the agencies today we are working on a network access control effort, for other agencies we are working more toward an assessment of utilizing the asset management controls [and] starting to automate a lot of the control assessments that are done manually today,” he said.
During his remarks today, Cox said a big program office priority for the current fiscal year and FY2020 is to “really focus on operationalizing CDM.”
He said that 50 Federal agencies are now reporting data to the Federal-level CDM dashboard, 74 smaller agencies are using the CDM shared services dashboard, and 31 agencies are reporting AWARE scores that provide cybersecurity rating data for agencies implementing CDM.
“We want to be able to start giving agencies a way to measure their security posture, to better measure their risk so they can better manage it,” Cox said today, adding there would be “more to come” soon from his office on the AWARE front. “We’re going to be coming out with more information on that as we head into October, and we are starting that rollout,” he said.
During a separate panel discussion, Cox explained that the AWARE algorithm determines how agencies are doing with “basic security measurements.” The results are particularly valuable because they are based on “very consistent” and close to real-time data.
Asked who gets access to agency AWARE scores, Cox replied that each agency will see its own score, and can compare that against a Federal average score. Beyond that, DHS’s Cybersecurity and Infrastructure Security Agency (CISA) sees all agency scores in order to be able to deliver information back to the agencies about how to improve. The scores are not shared publicly, he said, including for the obvious reason of keeping that data from potential adversaries.
Cox said that FY2019 program office priorities that will carry over to FY2020 and beyond include:
- Continued work on data consistency efforts, “to ensure from A through Z that we have good data flows, and that the data is good and timely”; and
- Continued filling of gaps in technology to identify agency assets, and to “discover what their perimeters look like, as well as gain an understanding of what they already have out in the cloud so that we know who are the cloud service providers that they are working with…what the different environments look like, and what infrastructure platforms they are on,” Cox said.
Finally, Cox offered some heartfelt comment on his role with the program and its mission. “It’s exciting to be involved in this work” and to be able to support agencies and the larger Federal government cybersecurity effort, he said. “It’s extremely rewarding … I’m lucky to be included in these efforts.”