The Department of Homeland Security will soon launch a dashboard on top of its continuous diagnostics and mitigation program that can provide a full view of federal network activity.
Jeanette Manfra, assistant secretary of DHS’s Office of Cybersecurity and Communications, said at a Sept. 29 event hosted by the Center for Strategic and International Studies that the new dashboard would launch this month.
“This will be a game-changing capability for the government and for DHS, in particular,” she said. “Because now all of that data, it’s going to feed up to the agencies and it’s also going to feed into my organization’s operations center, the National Cybersecurity and Communications Integration Center.
“What we will be then able to do is have insight, down to the endpoint, of what’s really on people’s networks, who’s on people’s networks, what events are happening on the network,” Manfra said.
Manfra explained that the dashboard will build on the DHS’s monitoring efforts of deploying hybrid cloud and mobile sensors to track network activity with automated asset management functionality across agencies.
“My operators and analysts are then going to have this much better enterprise picture of what our risk posture is as the government, and we’ve never had this before,” she said. “It’s going to take us some time to continue to build this, both our own capability and other agencies.”
The dashboard will not only provide an expanded view of the total federal network’s health but also a secure space for government and private sector stakeholders to share threat information, Manfra said. That wasn’t the case during the 2014 Heartbleed incident, when a defect in an open-source software library exposed protected information on affected systems.
“I can go into our dashboard and know instantly who’s running that version of that system and focus the agencies on protecting that asset,” she said. “That is completely different than what we’ve had before and we’re very excited about that.”
Key to the new tool is the continued practice of information sharing across both public and private sector partners to highlight where threats may be occurring as its capabilities continue to develop.
“Where we’re at right now is sort of on the precipice of having sensing data coming in from all agencies, information from the intelligence community, information from the private sector now through automated means,” she said. “We are now going to be able to be in a place to have this access to data and be able to build an advanced analytics capability and be able to turn that around into usable, actionable information for executives.”