2018 in review: CDM gets some big-dollar upgrades

The Department of Homeland Security’s signature cybersecurity program underwent a significant series of developments in 2018, ranging from new network dashboards to a spate of multi-billion-dollar contracts.

The continuous diagnostics and mitigation (CDM) program advanced progress on its Phase 3 plans this year, standing up a collection of data dashboards to monitor network traffic throughout federal agencies.

Officials also aimed to provide agency CISOs more flexibility to acquire the program’s cyber tools in a massive recompete of CDM contracts that were awarded over the summer and fall.

The combination of new visibility for agencies and new cybersecurity tools was intended to bolster the cyber defenses across the federal enterprise, hopefully allowing CDM to provide greater protection of government networks.

But while the acquisitions came fast, transitions to the CDM dashboards took a measured pace. Congress and the Trump administration also signaled the intent to reshape policies behind the program to reflect more efficiency and to solidify agencies’ stature in the cybersecurity sphere.

Here’s a look back at CDM’s highlights in 2018:

February: CDM awarded a six-year, $621 million contract to Booz Allen Hamilton as part of its Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program for Group B. The DEFEND contracts offer agencies updated cyber tools through a series of task orders that will be awarded throughout the year.­

Group B includes the departments of Agriculture, Energy, Interior, Transportation and Veterans Affairs, plus the Executive Office of the President and the Office of Personnel Management.

March: CDM program manager Kevin Cox said that portions of the CFO Act agencies had begun reporting their data to individual dashboards that would allow the program to monitor their network traffic.

DHS officials also received an authority to operate for a shared services network dashboard that would monitor small agency networks, plus provide a host of potential cyber capabilities.

April: Following DHS’s decision to consolidate its 16 security operations centers (SOCs), Cox said that the CDM program was “exploring” providing SOC-as-a-service capabilities through its newly created shared services dashboard.

June: CACI secures a $407 million contract to provide new cyber tools for CDM DEFEND’s Group A, which includes DHS and its components. Cox said then he expected $1 billion worth of DEFEND contracts will be awarded over the course of the summer.

July: Rep. John Ratcliffe, R-Texas, introduced the Advancing Cybersecurity Diagnostics and Mitigation Act, which aims to make the CDM program a systemic requirement for DHS and calls on its secretary to deliver a comprehensive CDM strategy to deliver to Congress.

CGI Federal secured the $530 million Group C contract to service the departments of Commerce, Justice, Labor, State and the U.S. Agency for International Development.

August: Booz Allen Hamilton obtained its second DEFEND award, a $1.03 billion contract for Group D, which includes the General Services Administration, Department of Health and Human Services, NASA, Social Security Administration, Department of the Treasury and the U.S. Postal Service.

Cox also said later that month that CDM was working on addressing the challenges of monitoring mobile devices on federal networks by leveraging the request for service (RFS) functions built into the $530 million DEFEND Group C contract.

September: The House passed the Advancing Cybersecurity Diagnostics and Mitigation Act in a voice vote, while ManTech obtained the $668 million DEFEND Group E contract.

The contract serves the departments of Education and Housing and Urban Development, the HUD Office of Inspector General, the Environmental Protection Agency, the Federal Deposit Insurance Corporation, Nuclear Regulatory Commission, National Science Foundation, Securities and Exchange Commission and Small Business Administration.

October: The Office of Management and Budget issues new FISMA guidance that requires agencies to purchase continuous monitoring tools from CDM contract vehicle unless they can provide a valid reason not to.