Transform and future-proof cybersecurity with CDM DEFEND
The DHS Continuous Diagnostics and
Mitigation (CDM) program is pivotal to improving government cyber
security. Federal agencies are using CDM to not only acquire
products, but also services and assessments to help identify,
prioritize and mitigate cyber security risks.
CDM Structure and Progress
The program consists of four phases of
activity designed to provide agencies and federal leadership with near
real-time information about the state of their networks. This will
enable agencies to better detect, protect, respond to and recover from
cyber events. The program is being deployed across 70 civilian
agencies, including the 23 Chief Financial Officer (CFO) Act agencies.
CDM is structured in four phases, each with a specific cyber security focus:
- CDM Phase 1– Identify, audit and
report what is on the network
- CDM Phase 2– Identify who is
on the network
- CDM Phase 3– Identify what is happening on
- CDM Phase 4– Provide the capability for data
The CDM program has entered Phase 3,
moving from discovery and management of government networks to active
defense and response. This phase focuses on monitoring what is
actually happening on the network, offering federal agencies the
opportunity to significantly advance the capabilities of their cyber
security programs. Phase 3 brings flexibility because agencies are
responsible for identifying their own gaps and selecting the solutions
and services to address those gaps.
The contract/task order component of
Phase 3, known as Dynamic and Evolving Federal Enterprise Network
Defense (DEFEND), provides professional expertise to understand what
is happening on networks and effectively respond to security incidents.
Multiple FireEye products and services
map to specific CDM DEFEND program capability requirements such as
Boundary Protection (Bound), Event Management (MNGEVT), Operate,
Monitor and Improve (OMI) and Design/Build-In Security (DBS).
To learn more, download our CDM Solution Brief.