CDM and the CDM DEFEND Program – Providing Enterprise Cybersecurity Across the Federal Network
By Dan Smith, VP of ManTech’s Federal Security Solutions Division
Effective cybersecurity is less a goal than a process – a continuing discipline of monitoring, fixing, and improving.
Rather than a box to be checked, with effective cybersecurity there’s always new work to be done. Experts are always reviewing, analyzing what they’ve done to better understand how the threats have shifted, the technologies have evolved, and the solutions and capabilities that we implement need to change as a result.
Further complicating the challenge, attacks continue to grow in frequency and sophistication. According to reports by the , cyberattacks targeting businesses nearly doubled from 82,000 in 2016 to 157,000 in 2017. As of June 2018, the number of reported breaches had reached 215,000, an alarming uptick.
Given the rapid evolution of such attacks to include automation and machine-driven methodologies, and the increased difficulty of identifying such exploits, today’s average cyber breach still , and costs nearly . The answer to shortening time-to-detection – and reducing the damage cyberattacks can incur, begins with a baseline continuous monitoring program.
Enter Continuous Diagnostics and Mitigation, or “CDM,” a suite of cyber defense capabilities implemented by the U.S. Department of Homeland Security (DHS) in accordance with the Federal Government's deployment of Information Security Continuous Monitoring (ISCM). The basic idea: near-real-time actionable information about the hardware and software present on your network, which users are logged in, and what they’re doing. CDM combines this persistent monitoring capability with proactive data protection.
With comprehensive insight into the current security posture, state-of-the-art tools can identify and respond to the highest-priority threats, right now.
The CDM program enables he federal government to provide cybersecurity tools and capabilities to different agencies across the .gov domain and the federal network.
The CDM program also provides those agencies with the capabilities to assess risks on their networks and to prioritize those risks so that they can solve the biggest problems first.
ManTech’s Federal CDM Work
Part of ManTech’s advantage is our ability to combine best-in-class tools with experts who can interpret – and react – to the data those tools provide. The result: tailored solutions that support the customer’s mission offering a strong sense of security in the midst of an evolving threat landscape.
ManTech’s approach enables agencies to implement CDM as a true enterprise service on their networks. This avoids one-off implementations and temporary solutions.
ManTech has held more contracts for supplying CDM services to the Federal Government than any other contractor. ManTech is the first and only provider to deliver a multi-tenant solution, using a “Shared Services Platform” for the agencies in Group F (non-CFO Act agencies), which reports agency data up to the Federal Dashboard.
ManTech has supported CDM since the program’s beginning in 2015. With the award of the Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Group E contract, ManTech is proud to add support for Phases 3 and 4, building upon established hardware and software discovery and monitoring to grant new insights into exactly “What is going on?” in the network (Phase 3), followed by application of advanced data protections and techniques such as Micro-segmentation for additional capability and security (Phase 4).
DEFEND E agencies include:
- Department of Education ()
- Department of Housing and Urban Development ()
- HUD Office of Inspector General ()
- Environmental Protection Agency ()
- Federal Deposit Insurance Corporation ()
- Nuclear Regulatory Commission ()
- National Science Foundation ()
- Securities and Exchange Commission ()
- Small Business Administration ()
ManTech’s approach delivers high performance results, efficiency and cost savings in two ways: first, by leveraging existing agency tools and other assets to produce a tailored CDM solution; and second, by applying CDM capabilities to solve existing (non-CDM) cybersecurity challenges.
We deliver value throughout the contract, employing cyber security best practices, efficient processes, and cost-effective tools that will pay dividends well into the future.
Contact: Dan Smith at
For more about ManTech’s support of the CDM-DEFEND program, click here.
- – official overview, phases, and benefits
- – how to order