Office of Management and Budget (OMB) memorandum M-14-03 (Nov. 2013) establishes a requirement for federal agencies to perform cybersecurity Continuous Diagnostic Mitigation (CDM) on their IT systems. OMB M-14-03, Enhancing the Security of Federal Information and Information Systems, grants authority to the Department of Homeland Security (DHS) to create and lead a CDM program for all federal agencies. Accordingly, the DHS has assembled a practical program of policies and procedures that follows NIST guidelines for information security continuous monitoring.
Our Dakota Cybersecurity team is very familiar with OMB requirements and CDM policies and procedures established by the Department of Homeland Security (DHS). The CDM program from DHS is intended to help all government entities, have an effective and consistent program that will help detect and block cyber threats. To support the CDM mandate, Dakota supports and assists agencies in implementing standard and new cybersecurity tools that prevent, identify, and deter cyber-attacks. Our enterprise approach brings automation and improved processes to identify threats, prioritize and mitigate risks, implement countermeasures, fix vulnerabilities and monitor IT systems continuously. A key strategy of the enterprise approach is aggregation, correlation and improved information delivery to enable informed decision-making. We provide:
- Security Metric Reporting (SCAP, Dashboards, FISMA)
- POA&M Management
- Configuration and Change Management
- Security Control and Compliance Reviews
- Continuous Diagnostics and Mitigation