Federal Chief Information Security Officer Chris DeRusha explained today that the foundational elements of the Continuous Diagnostics and Mitigation (CDM) program are fundamental to moving Federal government network security to zero trust concepts and that implementation of the program only becomes more important as cyber threats increase.
Delivering a keynote address at MeriTalk’s CDM Central: the Age of Cyber Defenders virtual conference on May 12, DeRusha recapped the CDM program’s four core capabilities – asset management, user and access management, network security management, and data protection management – and said that “focusing on these fundamentals is absolutely critical.”
Running through the list of high-profile cyber assaults that have come to light in recent months, DeRusha said, “we can talk all about the latest attacks … but we’ve got to get the fundamentals right.”
“As we move toward concepts like zero trust, I would say that getting precise implementation of these core capabilities that we’re talking about in CDM has only grown in importance when we realize what we’re going to need to do, and really get granular about that with zero…
