The Continuous Diagnostics and Mitigation program is designed to provide federal agencies with the tools needed to help improve their cybersecurity posture — namely visibility into who and what is operating on their networks.
But a new survey examining the implementation of the Department of Homeland Security’s network security program suggests a perceptional divide exists between agency managers and the stakeholders tasked with deploying it.
The survey, developed in partnership with Forcepoint and Market Connections, polled 200 respondents from civilian and independent federal agencies and found that managers felt the CDM program would be far more effective than did those tasked with implementing it at their agencies.
Asked whether they were optimistic about the current effectiveness of the program’s first two phases at their agencies — which monitor the data and users on the network — 88 percent of managers expressed a positive outlook, compared to just 31 percent of the respondents deemed implementers.
Managers say they’ll still have a rosier outlook for the program’s effectiveness once all four phases of the CDM program are deployed, with 81 percent confident in its capabilities compared to 54 percent of implementers.
The survey’s authors said the disparity may result from the current applicability of the program for frontline employees and agencies’ legacy systems compared to the potential benefits it could provide managers in securing positive outcomes.
One key issue in bridging that gap, it seems, is ensuring that CDM tools are compatible across the enterprise. The survey found that nine out of 10 respondents cited interoperability as the top challenge for agencies, noting the importance of integration as more capabilities become available.
“The majority [of respondents] say their current technology stack is at a minimum somewhat complicated, but as they continue to add to it to meet CDM requirements, the complexity increases,” the report said. “Some respondents also currently have tools that already technically solve various CDM requirements. However, lack of integration between these tools means they are not getting a full picture of what is going on that an integrated solution would deliver. This may create more alerts and require more staff, rather than providing the analytic insights and, in some cases, automated enforcement that an integrated solution could deliver.”
The challenge for agency leaders, the survey noted, is modernizing their IT systems to capitalize on the benefits the CDM program can offer, namely its potential risk-adaptive management and ongoing technology refreshes, by aligning those capabilities to their IT systems.
“Savvy government CISOs and CIOs will leverage the CDM program to modernize their infrastructure while cutting out ineffective legacy technologies and reducing costs at the same time,” the report said. “However, to be truly effective, managers and implementers need to be in alignment about the benefits and explore all that CDM solutions offer, recognizing that implementation is far more than checking a box.”
The CDM program recently awarded a series of contracts for its Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program to refresh its capabilities for agencies, the last coming in September.