The rollout of the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) Program has been a game changer for government agencies. And whether you realize it or not, you’re just getting to the good part. As you leave Phases 1 and 2 behind (who and what is on the network) and begin your push into Phase 3 with security controls and boundary protection, a new opportunity is exploding across the CDM landscape: integrated, threat-driven security.

CDM: It’s more than just compliance

Getting your agency’s CDM approach in line with Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) guidelines definitely helps you meet compliance. And, in general, CDM can help speed your deployment times and streamline processes because it lets you use industry-leading, commercial off-the-shelf (COTS) tools. Since this is all good for government, we often stop right there as far as the value we see in CDM. But the truth is, CDM is about more than just meeting compliance.

When it comes to selecting the right CDM approach for your agency, not all DHS approved solutions are equal. You can now add even more value by leveraging integrated, threat-driven security via a variety of simple, open, and automated solutions. And best of all, you may be able to do so using much of your existing infrastructure.


Why you need integrated, threat-driven security

The Internet of Things (IoT) is here to stay, and with the federal move to the cloud, it is becoming the key method of connectivity for millions of end users and their devices. As a result, security can be complex. But the resolution is often a matter of buying whatever tool is available to gain a temporary fix. After a few fixes, the complexity becomes overwhelming and in some cases, unsustainable, as your network slows to a crawl (which, ironically, is the same goal as your adversaries).

Securing this flood of IoT data is probably the biggest challenge facing government today. To address this, the government needs integrated and secured networks that can scale with the explosion of data, devices and sensors. This means moving beyond prevention, detection, and response to deploy predictive, proactive capabilities. This requires continuous visibility and validation that is fully integrated at every level and working 24/7 to model behaviors that signal a red flag for your network.

Simple, open, and automated cybersecurity

As the IoT evolves, it will bring new opportunities and threats to your agency’s doorstep. So you’ll need to embed the following characteristics into your network to stay secure:

  • Simplicity in provisioning and operation
  • Open, future-proof integration
  • Automated, proactive responses that speed resolution.

The network reimagined

The evolving, dynamic threat landscape requires a holistic and integrated, threat-driven network; one that can accurately map emerging threats and evolve as they do. Basically, a new approach to network security. But how can you “reimagine” traditional network security to face these growing threats? Simple, you make it intuitive.

One solution stands out from other DHS CDM approved solutions in this regard. It’s the Cisco Intuitive Network, featuring Software-Defined Access (SDA), which takes Software-Defined Networking (SDN) to an entirely new level. The Intuitive Network (what Gartner calls “Intent-Based Networking”) uses machine learning to predict issues and take corrective action before the network is compromised or damaged. It translates your agency’s networking intent, validates it, activates and provisions it, and then assures the network is performing as commanded.

Machine learning and artificial intelligence are key to the future of networking and security. Together, they can power intuitive networks that are constantly learning, adapting, and protecting. And the approach truly is intuitive; the more it’s used, the wiser it becomes.

The Intuitive Network weaves the security industry’s largest and most comprehensive integrated portfolio of cybersecurity products and offerings. Plus, it empowers your agency with one of the world’s leading cyber-threat intelligence organizations, the Talos Group, to keep your network ahead of the rapidly changing threat landscape.

Learn how

Building your agency’s integrated and intuitive network for CDM might seem complicated. You may have questions like how do you start and do you have to overhaul your entire infrastructure? The answers may be simpler than you realize since your existing Cisco security investments are already on the CDM Approved Products list.

We’d like to invite you to join us as we discuss how you can leverage your existing investment in Cisco to meet CDM and FISMA requirements. We’ll also walk you through CDM and NIST. Be sure to register right below.

Free Webinar: Leveraging existing Cisco infrastructure for CDM

Via Webex/Wednesday, June 27th at 1:00 PM ET

Register at: http://cs.co/HowToLeverageExistingInfrastructureForCDM


To learn more about the value of continuous diagnostics monitoring and adopting industry leading security for government, check out:

eBook: CDM Phase 3 Cybersecurity for Federal Agencies

The official DHS CDM website at https://www.dhs.gov/cdm

Talos Intelligence at https://www.talosintelligence.com/

Cisco Cybersecurity Solutions for Government at https://www.cisco.com/c/en/us/solutions/industries/government/federal-government-solutions/cybersecurity-solutions-government.html




Steve Vetter

Senior Strategic Solution Executive and Federal Strategist

U.S. Public Sector