As federal agencies deal with the impacts of the COVID-19 pandemic on where and how employees work, federal CIOs that were already facing constraints securing their networks prior to the pandemic now have to contend with network security for the new working environment. With some employees working onsite, some remaining completely remote, or some moving their access points between remote locations and federal offices, technology teams are faced with new costs for additional cybersecurity tools to accommodate the shift in where and how people are working.

One resource civilian agencies can use to offset the cost, implementation, and ongoing maintenance of new cybersecurity resources is the Continuous Diagnostic and Mitigation (CDM) Program. The CDM Program is designed to help federal civilian agencies fortify their security posture and fill any gaps by removing barriers. Working with the Department of Homeland Security, the program helps agencies identify cybersecurity risks, prioritize those risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.

Researched and Approved Security Technology – And They Cover the Costs

DHS has already vetted cybersecurity technology tools to determine which ones would support federal agency needs, even during a pandemic. The cost of these vetted tools can be covered by the CDM Program, saving federal agencies time in dealing with procurement contracts and new budget cycles.

As the working world changed nearly overnight due to COVID-19, saving time and money on research and procurement is significant for CIOs trying to keep their networks secure in this new working environment.

Adoption and Implementation

The CDM program supports agencies with a roadmap to implement and optimize the right security tools for that agency, automate processes, and monitor activity in real time. The program is designed to support securing agency networks in four phases:

  • Asset Management What is on the Network?
  • Identity and Access Management
  • Network Security Management
  • Data Protection Management

As agencies implement each phase, technology teams gain access to more information that is fed into easy-to-read dashboards updated in real time, giving them visibility into what is happening across their network. The dashboards receive, aggregate, and display information, which alerts IT teams to issues, risks, and attacks.

With the easy to use dashboards that collect information on an ongoing basis through an automated process, IT teams are empowered to respond to discovered gaps, threats, and attacks.

An added benefit of the dashboards is they help agencies meet Federal Information Security Modernization Act (FISMA) reporting.

Asset Management: What is on the Network?

In order to protect a network, CIOs need to understand exactly what is on it. This can be a challenge with employees working in remote locations using multiple devices. During the Asset Management phase, DHS deploys sensors to discover everything connected to the network. Agencies can then focus on problem areas and gaps, and deploy security tools that automate hardware and software asset management, configuration settings, and common vulnerability management capabilities.

Identity and Access Management: Who is on the Network?

Once CIOs know what is on their network, they need to know who is accessing it. In the next phase, sensors look for access points and privilege protocols. Agencies can then configure security tools to handle privilege management and monitor users on their networks. These tools can also detect whether users are engaging in unauthorized activity, and spot unusual trends in behaviors.

Network Security Management: What is Happening on the Network?

Moving into the next phase, technology teams can assess their network security and activity, find security gaps both at the perimeter and inside, and deploy automated tools to monitor their network and identify any threats of anomalies.

Data Protection Management: How is Data Protected?

Phase 4 provides insights and tools to protect data at rest, in transit, and in use to prevent data loss and manage events.

As agencies progress through implementing each phase, technology teams gain access to more information that is fed into easy-to-read dashboards updated in real time.

While some CIOs found it difficult to overcome barriers to adoption prior to the pandemic, including concerns over losing control of their data and uncertainty about existing technology integrating with CDM Program tools, the benefits of strengthening your security posture quickly and with minimal impact to existing budgets during this time is worth exploring.

How Are Manufacturers Helping With CDM?

Trusted IT manufacturers, like Cisco, have CDM solutions for policy and access, next-generation network security, advanced threat protection, and content security. All solutions that can help federal agencies fulfill the CDM mandate, stay on the forefront of cybersecurity technology, and best protect critical information. Cisco’s CDM solutions are well-respected by industry and government agencies and sold by Force 3.

Regardless if you are ready to jump on board or hesitant to use the program, talking to a service provider about your current security landscape if a good first step. The service provider can help with the implementation of the sensors, recommend the right tools based on the sensor findings, implement those tools, then integrate and optimize them across your network. They can also offer ongoing support in reading dashboard findings and responding to threats. Service providers act as an extension of your technology team, and can support you virtually or onsite based on your current working environment.

Related Blog Posts

See All Blogs

Sirius Federal Awarded CMMI Level 3 Certification

Sirius Federal, a CDW Company, a leading national IT solutions integrator for the federal government, announced today that it has been awarded the distinguished Capability Maturity Model Integration (CMMI) Level 3 certification. The CMMI certification was created by the Software…

Sirius Federal Named Cisco Federal Intelligence Partner of the Year at Cisco Partner Summit 2021

  Crofton, MD – 16 November 2021 — Sirius Federal, a Sirius Computer Solutions Company, has been named the Cisco Federal Intelligence Partner of the Year for the second time in three years. Cisco announced the winners during its annual partner…

How Proper Collaboration Tools Make or Break Long-Term Telework Plans for Federal Agencies

Effective collaboration tools can eliminate silos and accelerate missions. But getting to a modern and secure collaboration environment can be a daunting task for federal agencies, especially with today’s mobile workforce. In the year and a half since the onset…

Sirius Federal Helps Maryland Food Bank Fight Hunger Through Virtual Food Drive

Sirius Federal ran a virtual food drive during the month of September to support the Maryland Food Bank in its fight against hunger insecurities.

Sirius Federal Kicks Off America’s VetDogs Partnership

Sirius Federal recently kicked off our partnership with America’s VetDogs, a charity dedicated to providing service and guide dogs for veterans and first responders.

The Role AI Has in Redefining Federal Telehealth Practices

Federal telehealth practices use AI to uncover the best mix of human and machine communication, leading to more productive care and treatment.

White House Encourages Federal Agencies to Modernize Their Data Centers

Government agencies encouraged to modernize in response to cybersecurity threats.

The Need for Exhaustive Data Protection in the Federal Government

SolarWinds breach prompts federal courts to add new security procedures to protect highly sensitive court documents.

Key Ways Converged Infrastructure Can Help Your Agency Conquer Cloud Migration

Learn how converged infrastructure can help your agency ditch the silos and modernize your data center for today’s cloud world.

Federal IT Focus Areas for 2H of 2021

In the aftermath of an unprecedented year riddled with a teleworking surge, election-year tension and—last but certainly not least—a global pandemic affecting every industry and organization in our nation, it’s safe to say that 2021 was welcomed with open arms.…

5 Tools to Help Federal Employees Return to Work Safely

As COVID-19 restrictions continue to ease across the country, federal agencies are slowly bringing employees back into the office. However, many employees who have spent several months working in a remote environment may be nervous about returning to the office,…

Remote, Hybrid, Onsite – Tools To Secure Federal Networks No Matter Where Teams Work

As COVID-19 restrictions ease, federal agencies are beginning to bring employees back into the office. Whether teams are returning to the office full time, continuing to work in a remote environment, or using a hybrid approach, the top priority is…

Sirius Federal Awarded ITES-SW2 Contract

Crofton, MD—September 9, 2020— Sirius Federal, a Sirius company, has been awarded the Information Technology Enterprise Solutions-Software 2 (ITES-SW2) contract. In addition to helping save time on procurement and cutting costs by consolidating their software purchases, the ITES-SW2 contract allows…

Sirius Federal Gives Back to the Community Through Virtual Food Drive

Philanthropy and community outreach have always been an integral part of Sirius Federal’s corporate culture. To support those in need in our communities, Sirius Federal is running a Virtual Food Drive during the month of September to support the Maryland…

Ignore the Workforce at Your IT Modernization Peril

Federal agencies are currently faced with the daunting task of modernizing billions of dollars’ worth of outdated technology. On the path to IT modernization success, the investment in technology represents only half the battle though — agencies also need to…

Sirius Federal Named Public Sector Partner of the Year and Federal Intelligence Partner of the Year at Cisco Partner Summit

This week, Sirius Federal was recognized for our leadership in the public sector by receiving two awards at the Cisco Partner Summit in Las Vegas, NV. Sirius Federal was named the Americas Geographical Region Public Sector Partner of the Year…

Creating a Disaster Recovery Plan that Keeps Pace with Technology

The fear of a disaster in your data center is what nightmares are made of for technology teams. Are the systems backed-up properly? Will we lose data? How much downtime will we incur? Does the team know what to do?…

Protecting your Agency from Phishing

As we spend an increasingly large percentage of our time online, we’ve become aware of the malicious tactics used to trick us into downloading malware or betraying our credentials. Even as our built-in threat detection improves, we risk letting it…

Choosing an IT Solution Provider that Keeps Projects on Track

Most of us have experienced a project that hasn’t gone quite as planned. Information wasn’t received at the right time, different teams had completely different interpretations of the requirements, or somebody didn’t realize they were responsible for a task. Little…

TechTarget: Big Blue Drives Collaboration Among IBM Business Partners

IBM is investing in resources and business processes to make it easier for IBM business partners to create alliances with each other. Following last month's IBM Think conference in San Francisco, Senior Director of Software Practice Charles Fullwood discusses the…

Deployment and Resident Engineers Deliver On-Site Solutions

At Sirius Federal, we provide solutions. From infrastructure management to cloud migration, we create custom answers to federal IT’s most pressing problems. But we believe strong, sustainable solutions involve more than just software and hardware. What agencies often need most…

WBJ: Here’s What it Takes for a Mid-Tier Maryland Contractor to Compete in Evolving Federal IT Marketplace

More than three-fourths of federal government agencies — about 77 percent, according to a Government Accountability Office report — will not meet their planned technology modernization goals by the end of the year. Our CEO, Mike Greaney, recently sat down…

The Rally Call for Digital Transformation Is Here: Are You Ready for the Journey?

Today, digital transformation has become the rallying cry for government organizations aiming to innovate and improve operations. The promise of digital transformation is profound: faster and more informed decision-making, improved customer insights, greater cost savings, more reliable products and services,…

3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors

"The balance between too much security and too little is delicate. Overzealous access policies can bring efficiency and productivity to a screeching halt. But an overly lax approach can expose sensitive data to people who don’t need it and shouldn’t…

Improving Insider Threat Detection with Security Integration

With cyber-attacks like Nyetya and WannaCry dominating headlines over the last several months, you’d think malware would top the list of security pro’s biggest concerns. But you’d be wrong, according to the SANS Institute’s 2017 annual data security survey. While…

Unstructured Data: The Threat You Cannot See

In this article for Dark Reading, Sirius Federal software practice director Charles Fullwood examines why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control. Every day, IT security teams…

Expect security, cloud spending in 2018 Federal IT Budget

In recent interviews with TechTarget, industry leaders--including Sirius Federal's Greg Kushto--cited an uptick in federal IT procurement activity during the government's fiscal fourth quarter and expected FY 2018 to feature security and cloud investments. IT solution providers planning to pursue…

NextGov: How to Unleash Federal IT Workers as Changemakers

Written by Sirius Federal's vice president of client solutions Jason Parry, this article was originally published at The public-sector workforce has always been plagued by stereotypes. To the layman, “government job” calls to mind images of a middle-aged bureaucrat,…

SearchITChannel: New tech, old virtues keep server virtualization going

"Server virtualization is well past the peak of the technology adoption curve, but SMB customers, open source technology and hybrid clouds keep demand going." —John Moore, SearchITChannel Server virtualization platforms have been around for ages and would seem to be old…

FedTech: How to Make the Most of the Federal Hiring Freeze

Although the freeze may constrain resources, it is also an opportunity to conduct an IT inventory, invest in training and prioritize projects. In this article for FedTech, writer Phil Goldstein addresses how federal agencies are handling the recently announced federal…