New CDM award expected in coming days
NOTE: A version of this story first appeared on FCW.com.
- By Derek B. Johnson
- May 23, 2019
The Department of Homeland Security is expected to make an award any day now for a new Continuous Diagnostics and Mitigation program dashboard that will lay the groundwork for greater usage of artificial intelligence and machine learning going forward.
At a May 22 FCW event, CDM Program Manager Kevin Cox said the new award, expected to be announced "within the next few days," will attempt to refashion the dashboard to better incorporate emerging technologies and improve the use of the "treasure trove" of data created through CDM.
"It's going to take us a few years to get everything in place, but this is what's going to enable us to get to the more advanced capabilities," said Cox. "Being able to bring in machine learning to interact with the data and get additional value for the agencies, bringing in AI to write the algorithms to really expand out what we can do with the data. Because we do really have a treasure trove of data here, not just from a security standpoint but also from an operational standpoint."
DHS spent much of last year working to get larger agencies hooked up to the federal dashboard, while spending much of this year onboarding smaller, non-CFO Act agencies.
The contract will also help better integrate and feed data into AWARE, the new risk-scoring algorithm that DHS will use to evaluate the cybersecurity posture of participating agencies. That algorithm will undergo a soft launch in October, measuring things like vulnerability management, patching and configuration, and Cox has said the ultimate goal is to pull more detailed metrics in at some point in the future.
An April shared services memo put out by the Office of Management and Budget will not directly affect the CDM program, Cox said, but the program "aligns" with the memo's intent and could be called upon to support future cybersecurity shared service initiatives.
The April 26 memo established DHS as the lead Quality Service Management Office for cybersecurity shared services, and while broader efforts will likely require a separate task order vehicle, the department is looking at CDM and its shared services program for small and micro agencies for lessons learned and future ideas.
"One that's commonly discussed is [security operations center]-as-a-service and where the federal government wants to go with that," he said. "We're part of that conversation, we're at the table in terms of where can CDM help with that type of offering and likewise future offerings as well."
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at email@example.com, or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.