Teresa Johnson
Federal agencies have spent the last several years putting their Zero Trust (ZT) architecture in place as the foundation for a “never trust, always verify” cybersecurity strategy. The Continuous Diagnostics and Mitigation (CDM) program at the Cybersecurity and Infrastructure Security Agency (CISA) has been a key facilitator for agencies pursuing ZT, since continuously identifying and fixing cybersecurity threats is one of CISA’s central missions.
CISA’s new CDM Data Model Document (DMD) sets out the minimum set of data requirements needed to leverage the CDM solution to reduce every agency’s threat surface, increase visibility into the federal cybersecurity posture, improve cybersecurity response capabilities, and streamline FISMA reporting.