“Agencies will be able to compare their cybersecurity risk scores to the federal average when the Continuous Diagnostics and Monitoring program starts showing them on dashboards Oct. 1.”
“The Agency-Wide Adaptive Risk Enumeration, or AWARE, algorithm measures how agencies are doing on basic security practices like vulnerability, patch and configuration management in near real time. A smaller cumulative score represents a smaller cyberattack surface.”
“Currently 23 Chief Financial Officers Act agencies and 30 others are set to receive AWARE scores with 40 more on the horizon, said Kevin Cox, CDM program manager for the Cybersecurity and Infrastructure Security Agency (CISA).”
“The AWARE algorithm is one half of CDM’s multi-year effort to establish a federal risk posture while helping agencies better understand their own…” Read the full article here.
Source: CDM’s agency cyber risk scores will be relative, at least initially – By Dave Nyczepir, September 6, 2019. FedScoop.