Recently, I had the opportunity to join many of my industry, agency, and Capitol Hill colleagues at the U.S. Capitol to discuss the Department of Homeland Security’s ongoing Continuous Diagnostics and Mitigation (CDM) program. As the CDM program enters Phase 3, it is refreshing to witness the broad traction it is gaining across these varied groups as they work together to defend our Federal networks. And it was also great to hear our own Public Sector CTO for Cisco, Dan Kent, speak at the event on current and emerging topics in IT modernization, including the need to build on security-centric foundations, embracing automation, and the potential of machine learning.

CDM is driving IT modernization

Our nation’s government-operated IT networks are some of the largest and most complex in the world. Defending these networks, and the security of the data they support, is a challenge; one made more difficult by a huge installed base of old, legacy equipment. Unfortunately, much of this cannot be updated to protect from even the most basic of modern cyber attacks (learn more about these threats in our 2018 Annual Cybersecurity Report for Government).

Older equipment also often requires a disproportionate amount of time and effort to make secure. So Federal CIOs are working hard to modernize their IT infrastructure. As they do, they are finding that the CDM program is a great tool to drive security as a foundational element of Federal IT modernization.

Security-first with increasing automation

As a panelist at the event, Cisco’s Dan Kent confirmed “government’s 8-10 year legacy life has vulnerabilities that we don’t even monitor anymore,” and emphasized that IT modernization must be built on a security-minded foundation to successfully face threats. To quickly get up to speed on the top adversaries and threats, check out our newest cybersecurity infographic on embedding security and embracing resilience.

Dan noted that until you introduce automation across all processes, you can’t have effective mitigation. He also discussed how industry is using machine learning and telemetry with software defined management to improve security by driving easier management and faster mitigation of threats, all while realizing up to 30 percent cost savings.

CDM is critical to national cybersecurity

In addition to Dan Kent, we had the opportunity to hear Rob Palmer, Executive Vice President and CTO at ShorePoint, Inc. and Congressman John Ratcliffe (R -TX 4th), highlight a shared belief in the importance of simple, open, and automated architectural guidelines in helping Federal agencies increase security and drive IT modernization.

As Congressman Ratcliffe stated during his presentation, “CDM is a critical component of our national cybersecurity strategy.” He is backing his belief with action, and has introduced a bill in congress to further IT modernization at the federal level by updating the CDM program (more here: Advancing Cybersecurity Diagnostics and Mitigation Act /H.R. 6443).

CDM helps you make the tough decisions

ShorePoint’s Rob Palmer (formerly of the DoD and DHS) emphasized how hard it is to defend larger agencies, especially with the significant number of programs and personnel they manage. He noted the tremendous value that CDM offers in such situations.

“I love CDM,” he stated, “in that fashion that it offers ‘guide rails’.” This aspect of CDM is welcomed by those leading IT modernization efforts, since it can help them make the hard decisions and focus their limited resources.

CDM: helping keep America safe

It’s clear that the CDM program is a key vehicle for upgrading the security of our government networks. In tandem with the Modernizing Government Technology (MGT) Act, the two can provide strategy and funding methods to help agencies fulfill their strategic plans for IT modernization. “There is a huge opportunity here,” added ShorePoint’s Rob Palmer. “It’s an opportunity to rethink how we deliver IT services, modernize citizen services, and improve the federal government’s way of doing business.”


To learn more about Continuous Diagnostics and Mitigation (CDM), check out these additional resources:

eBook: CDM Phase 3, Cybersecurity for Federal Agencies

Blog: What’s all the buzz about integrated, threat-driven CDM?

eBook: 5 steps to IT modernization for government

Website: The DHS CDM Program



Peter Romness

Cybersecurity Principal, US Public Sector CTO Office