The Department of Homeland Security (DHS) plans next month to stand up a governmentwide dashboard that will give the agency visibility into all of the Federal networks.
The dashboard is part of the Continuous Diagnostics and Mitigation (CDM) program, which was supported in the White House’s IT Modernization report.
“We’re deploying sensors inside agency networks for the first time,” Jeanette Manfra, assistant secretary of the Office of Cybersecurity and Communications at DHS, said at the Center for Strategic and International Studies on Sept. 29.
DHS began putting sensors on endpoints inside on-premise data centers and is working on placing sensors inside cloud networks.
“This will be a game-changing capability for the Federal government and for the agency in particular,” Manfra said.
The data from the dashboard will be shared with the individual agencies as well as with the cybersecurity department at DHS. The sensors will give DHS “insight down to the end point” on the traffic within the Federal networks. DHS will be able to use this information to conduct net flow analysis.
Areas with heavy traffic will show DHS where to focus more cybersecurity measures. This follows with DHS’s focus on changing the way agencies view cybersecurity from a purely technical problem to a risk management problem. When the dashboard detects a cyberattack, DHS will have a protected information sharing platform in order to communicate with the affected agency and resolve the situation.
“That is completely different than we’ve ever had before,” Manfra said.
Manfra said that eventually she hopes that this technology will spread to protect critical infrastructure.
Manfra said that in order to strengthen Federal cybersecurity, agencies need to modernize their legacy IT systems.
“The government struggles just like every organization with how to allocate limited resources,”
Manfra said that the White House’s IT Modernization report and Rep. Will Hurd’s Modernizing Government Technology Act will emphasize the need to update IT systems. Manfra said that agencies need a new way to procure technology and to use shared services.
Manfra said that once legacy IT systems are eliminated, agencies will be able to focus on obtaining new cybersecurity tools. Manfra said that modernizing networks will mitigate some cybersecurity issues, but new technologies are needed to completely secure Federal systems.
“The more we modernize our IT systems, we do reduce our vulnerabilities,” Manfra said.