Another agreed, saying: “In the early days of CDM, there was great brand- ing around automation. We’re going to move away from three-ring bind- ers. We’re going to get into automa- tion. Now that CDM largely is moving from reporting into the M in CDM — the mitigation part — I think we need to get back to that. It’s about auto- mating threat detection and actually taking action through automation. I think that’s going to be the key to tak- ing CDM to the next level to actually focus on threats.”
“That is true,” a third participant said, “but in the federal world, our executives speak a different language. They look at their metrics. They look at their scores and the things that Con- gress is going to ask some questions about” because they’re tied to the exec- utives’ performance plans.
The CDM dashboard should reflect those metrics, an executive said, because “it will communicate value immediately to our leadership and then we’ll get the support that we’re looking for.”
That buy-in at the highest levels is essential because DHS will no longer be financially subsidizing CDM at the agency level.
“The CFOs need to be at the table as soon as we’re making that initial purchase because they’re two years ahead for the budget process,” one participant said.
“I know that each agency’s differ- ent,” another executive said, “but I would say to help yourselves out, you want to look at your reprogram- ming requests now because it’s really between you and the Hill. And it’s really your congressional communications that will help push you over with the funding.”
Another acknowledged that the costs involved are significant but raised a deeper concern about that investment: “I don’t want new shiny toys. I don’t want stuff that might last six months. I want stuff that integrates
together so that the initial increase in my cost should be offset in X amount of time.”
One of the DHS representatives acknowledged that “a lot of agencies already have a lot of the tools, so we don’t need to buy tools. It’s more like, ‘Let’s map to the requirements, and let’s get your tools working together so that they inform the dashboard, so that your cybersecurity operations center can actually take action with that data.’ That’s where the DEFEND
program is going.”
Another participant said that, “in a
lot of cases as CDM tools are maturing over the years, it requires less touch labor to operate them or to make use of the data out of them, so you’re decreasing your labor cost. Maybe the license is a little bit more expen- sive, but you don’t need a lot of your workforce sitting around anymore. You eliminate human risk. The DEFEND acquisition allows for that evolution of technology.” n
    PERSPECTIVES
Participants
Bernard Asare
IT Security Program Manager, Office of the CIO, Department of Health and Human Services
Bruce Begnell
Deputy Director, Enterprise Network Management, Department of State
Doug Cowan
Manager, Regional Sales, Cisco
Kevin Cox
CDM Program Manager, Office of Cybersecurity and Communications, National Protection and Programs Directorate, Department of Homeland Security
Larry Hale
Director, Strategic Solutions and Security Services, General Services Administration
Benjamin Liberty
CDM Program Manager, Office of the CIO, Department of the Interior
Gustavo Limon
CDM Program Manager, National Oceanic and Atmospheric Administration
Thomas McCarty
Division Manager, Enterprise IT Services Division, Information Sharing and Services Office, Department of Homeland Security
Jim Piché
Homeland Sector Director, Federal Systems Integration and Management Center, General Services Administration
Greg Sisson
Director, Integrated Joint Cybersecurity Coordination Center, Office of the CIO, Department of Energy
Birgit Smeltzer
Program Manager, IT Security Category Management Operations, Office of IT Security Service, General Services Administration
Minh-Hai Tran-Lam
Senior Advisor, Federal Deposit Insurance Corp.
RichTroutman
IT Project Manager, Census Bureau
Steve Vetter
Strategic Solution Executive, Cisco
Note: FCW Editor-in-ChiefTroy
K. Schneider led the roundtable discussion.The May 23 gathering was underwritten by Cisco, but both the substance of the discussion and the recap on these pages are strictly editorial products. Neither Cisco nor any of the roundtable participants had input beyond their May 23 comments.
  July/August 2018
FCW.COM 23