Enhancing Security in Telemetry Post-Processing Environments with Continuous Diagnostics and Mitigation (CDM)

Abstract

While great strides have been made in recent years by government agencies in deploying proactive network security tools, the federal government as a whole desires to continue to press the state of the art in protecting its IT infrastructure. To this end, the US Department of Homeland Security (DHS) has created the Continuous Diagnostic and Mitigation (CDM) program [1] (also known as Continuous Monitoring, CM). It strives to establish a technology framework whereby agency federal government IT networks can be continuously monitored for threats and vulnerabilities, providing an analysis and correlation capability that will enable entities to better evaluate risk. It also defines a hierarchical dash-boarding capability that facilitates both aggregation and communication of each agency's network health status into abstracted levels of summary so the federal system as a whole can be better evaluate their IT security posture. Going forward, these technologies will dramatically impact all government agencies, the Department of Defense (DOD), and commercial entities.