Enhancing the Resilience of Federal Cybersecurity

Recent reports regarding the current state of federal cyber security have been nothing short of grim. Cyberattacks and security lapses in federal computer systems rose 5% in 2017 as a third of 3,000 cybersecurity recommendations made by the U.S. Government Accountability Office remain unheeded, the watchdog agency reported earlier this month. In addition, earlier this year, OMB and DHS conducted the most thorough review of Federal cybersecurity to date by examining the capabilities of 96 civilian agencies across 76 metrics to determine agencies’ ability to identify, detect, respond, and if necessary, recover from cyber incidents. Unfortunately, OMB found that 71 of 96 agencies (74%) participating in the process had cybersecurity programs that were either At Risk or High Risk.

In an effort to strengthen and standardize cyber security resilience across the federal government, 6 years ago congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and more efficiently allocate cybersecurity resources. This article takes a look at where CDM stands 6 years later.