
The Federal CDM Program and OT


One of the Federal programs calling for improvements in OT security in the civilian sector is Continuous Diagnostics and Mitigation (CDM). Learn how CDM came to be, how it can strengthen OT cybersecurity, and which solutions are approved by the Department of Homeland Security (DHS) to enable CDM.

What is Continuous Diagnostics and Mitigation?

Continuous Diagnostics and Mitigation (CDM) is a U.S. Federal program, established in 2012 by what is now CISA, that equips Federal agencies with cybersecurity guidance, tools, and services, along with dashboards for monitoring the security of their networks based on the output of their CDM tools.

The program supports cybersecurity efforts by providing agencies with risk-based, strategic, and cost-effective cybersecurity guidance to protect Federal Civilian networks. Specifically, the program aims to:

  • Reduce the attack surface

  • Increase visibility into federal cybersecurity efforts

  • Improve incident response times and capabilities

  • Streamline reporting for the Federal Information Security Modernization Act (FISMA)

CDM’s New Focus on OT Cybersecurity

CDM cybersecurity efforts have traditionally focused on Information Technology (IT), but in 2024, CISA expanded the program to include OT and the Internet of Things (IoT).

With the prevalence of OT in U.S. Federal agencies, and an increase in threats to mission-critical infrastructure, OT security was prioritized within CDM amid a broader government-wide effort to secure these more complex devices.

The opening salvo of 2024 in taking a closer look at these systems was FISMA’s new FY2024 guidance requiring agencies to establish an inventory of IoT assets by the end of fiscal 2024. Agency CISOs were also asked to establish a working group and create IoT and OT best practices playbooks. With its focus on ongoing risk assessment and visibility, and its role as a key means of compliance with FISMA guidelines, the CDM program naturally expanded into OT as well.

This new focus on OT systems, which are typically legacy systems not designed for software updates or patching, aims to encourage Federal agencies to prioritize the security of these assets. As part of this, the program encourages the adoption of OT-centric solutions rather than re-purposing IT-centric capabilities that are not equipped with the protocol knowledge, communications context and other capabilities critical to securing OT. 

CDM’s efforts and guidelines to promote asset visibility and improved risk management are right in line with the government-wide focus on strengthening OT security and meeting FISMA’s guidance. 

CDM Approved Products

As part of the CDM program, DHS assesses and approves products deemed capable of helping Civilian agencies meet the program’s goals. Now that attention is shifting to include OT, the products approved for this aspect of the program must be tailored to the unique needs of these environments. The CDM program makes sure the solutions within the program:

  • Automate asset identification and visibility

  • Improve risk management, incident response, and reporting

  • Monitor and respond to risk in real time

  • Provide clear oversight and awareness

  • Streamline operations with fewer resources to perform monitoring and remediation efforts

  • Comply with FISMA and other federal cybersecurity mandates

Claroty’s solutions are built specifically for OT and provide the capabilities to meet each of these requirements, which earned it a spot on the DHS’s approved product list for the CDM program. 

The Future of Continuous Diagnostics and Mitigation

As adversaries focus more on OT and IoT assets to target Federal networks, securing these assets will continue to be a priority. With its ever-evolving guidance and tools, the CDM program will be key to doing so effectively. Increased budget in this area, including a $278 million grant approved by DHS for CDM, is paving the way for new opportunities to better secure OT devices.

To learn more about The Claroty Platform, serving Federal on-premises and cloud environments, and the capabilities that align to CDM, speak to a member of our team.
