CIOs at agencies know that the continuous diagnostics and mitigation (CDM) program is a requirement to improve their security posture across .gov domains. However, agencies may miss important operational insights if they don’t take steps to pull together and fully assess the data CDM was intended to gather.
Adilson Jardim, area vice president for public sector sales engineering at Splunk, says in a new podcast, produced by CyberScoop and underwritten by Splunk, that using data from CDM tools can give agencies essential real-time intelligence about their IT operations.
Jardim talks about the opportunities federal agencies have to leverage this data and offers recommendations for agency leaders to consider as they continue investing in CDM solutions beyond just improving their security posture.
Why is the CDM program important to close the security gaps in siloed systems?
“There wasn’t really an enterprise architecture plan to how agencies at large went out and procured IT assets — whether they were software or hardware technology, networks, etc. … As we launched into the internet era and IT services and capabilities started to expand, most agencies hadn’t defined their own approaches to acquiring technology to enable the mission. So, there was no consistent template across the agencies for how to do this,” Jardim says.
What are the benefits of centralizing data using CDM tools?
“Once you’ve got it [centralized] you don’t want that data to remain as a static asset because the value of that data is significant, not just for CDM, but for other needs. … So certainly from the CDM perspective for cybersecurity, I want to be able to take things like threat indicators and apply those threat indicators against the data I have,” Jardim explains.
How would this approach help agencies deliver more effectively on the mission?
“When I consider the cybersecurity lens … there are any number of things I want to do more effectively. So, if I manage the IT budget or the security budget within an agency, I want to determine whether the investments I’ve made previously are worth sustaining and maintaining. All of that is actually manageable and discoverable in the data that we collect from CDM. So, I might discover that I have assets that are seldom, or rarely used, and determine that they are not worth scaling up,” Jardim shares.
Listen to the podcast for the full conversation on how to leverage data to comply with CDM. You can hear more coverage of “IT Security in Government” on our CyberScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by CyberScoop and underwritten by Splunk.