“By this time next year, officials at the Cybersecurity and Infrastructure Security Agency plan to offer a revamped Continuous Diagnostics and Mitigation program that will improve security while relieving agencies’ compliance reporting burdens, as intended.
‘As we see it, in [fiscal year] ‘21, we’ll really be able to show the promise of CDM,’ said Kevin Cox, a program manager overseeing updates to the CISA operation…”
“‘What we want to do through the pilots that we’ve had engaging with the different CSPs, the cloud service providers,’ Kox said, “’is make sure that we have a full understanding of the data they have available, look at, for example, how the data that they have available aligns with the CDM requirements. And then make sure that that is available to the agencies, that they have that real-time and near real-time understanding of the protections they have in the cloud.’
In terms of new tools, Cox said that with greater use of encryption, endpoint detection and response technology should play an important role…” Read the full article here.
Source: What to Expect from CISA’s Continuous Diagnostics and Mitigation Efforts in 2021 – By Mariam Baksh, December 4, 2020. Nextgov.