Continuous Diagnostics and Mitigation: Making It Work--A SANS Survey

BETHESDA, Md., July 24, 2014 /PRNewswire-USNewswire/ -- The Continuous Diagnostics and Mitigation (CDM) program is improving the security levels at federal agencies that are taking advantage of the program, according to a new SANS survey on CDM adoption. In it, 44% of those who reported implementing CDM are experiencing increased security as a result.  Unfortunately, the same survey indicates that a very low number of respondents are adopting the controls.

"The survey results show some clear and reachable opportunities for agencies to better leverage their use of the CDM program and improve their security," says Tony Sager, director of the SANS Innovation Center. "It also clarifies how the other portions of the government cyber ecosystem (e.g., GSA, OMB, IGs, DHS) have to do their part if we are ever to achieve the potential of the DHS CDM program."

The goal of the survey, sponsored by FireMon, ForeScout, IBM and Symantec, was to learn what is working and what is not working for organizations implementing these controls in order to help the CDM program succeed at its goal of reducing risk through continuous monitoring and other controls.

Despite extensive outreach by DHS, the "trickle down" of information to security administrators, analysts and operations staff has been limited. CIOs (49%) and CSOs (49%) had levels of awareness significantly higher than that of security (36%) or IT administrators (21%). Even more distressing, only 5% of survey respondents reported awareness and support of their Inspectors General. This overall lack of information about the program hinders its adoption.

"While most of the technologies used in CDM are familiar, moving to continuous monitoring will require significant process change and skill enhancement," says John Pescatore, author of the report and senior director at SANS Institute. "This SANS survey showed that government security managers are worried about the training and staffing they will need to make the change from the traditional compliance-focused annual audit approach."

Lack of needed skills (36%), staffing (32%) and the ever-present budget concerns (40%) were cited as the key barriers once organizations have knowledge about the program.

Full results will be shared during an August 6 webcast at 1 PM EDT featuring Tony Sager, who formerly served in many capacities at the NSA, including as Chief Operating Officer. Register to attend the complimentary webcast at www.sans.org/info/164562

Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and emerging technologies expert, John Pescatore.

Tweet This!

Early CDM adopters improving security: SANS survey webcast Aug 6 at 1 PM
EDT. Register: http://bit.ly/CDMSurvResults #Gov #Technology

Govt IT Pros: hear results from SANS CDM Survey on Aug 6 at 1 PM EDT.
Register: http://bit.ly/CDMSurvResults #Gov #Technology

What are the benefits to those taking advantage of the DHS CDM program?
Webcast Aug 6: http://bit.ly/CDMSurvResults #Gov #Technology

Find Out Who's Taking Advantage of CDM. Survey Results Webcast 8/6, 1 PM
EDT. Register: http://bit.ly/CDMSurvResults #Gov #Technology

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted, and by far the largest source for world-class information security training and security certification in the world offering over 50 training courses. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.SANS.org)

SOURCE SANS Institute