CDM team helped define cyber directives


Governmentwide cyber hygiene orders are increasingly taking into account the capabilities of Continuous Diagnostics and Mitigation tools.

Cybersecurity policymakers are working with the Continuous Diagnostics and Mitigation program to define requirements for binding operational directives, an official said at FCW's CDM Summit on Wednesday.

The collaboration started with the 2021 effort to clean up known, actively exploited vulnerabilities in federal systems and accelerated with the Oct. 3 Binding Operational Directive 23-01 that gave the Cybersecurity and Infrastructure Agency more visibility into agency assets on federal networks. 

"I would say starting with BOD 22-01 and then significantly with BOD 23-01, we were much more engaged with those teams, and we were able to share with them what CDM data is actually available and what kind of automated reporting we can feasibly do," said Judy Baltensperger, product manager for the CDM program at CISA.

Baltensperger added: "The true potential of the dashboard is that we can take all of that available CDM data, and then we can automatically start reporting on these binding operational directives."

Zero trust at DOD

Defense Department Chief Information Officer John Sherman signed the zero trust implementation plan for the agency on Oct. 27, and an unclassified version is expected to be available for public release within two weeks, said Randy Resnick, DOD's director of zero trust portfolio management. Resnick also spoke at the CDM Summit.

Resnick noted that while DOD isn't a big CDM user, military and intelligence domains have "benefited greatly from the defensive cyber tools … developed over the past decade and deployed under the CDM program." Specifically, Resnick called out "the advances that CDM has made in incident response reporting and coordination supporting our [zero trust] ability to not only proactively orchestrate and automate our responses to threats, but manage, mitigate, report and learn from these events when they occur."