In 2019, the Defense Department embarked on two new cybersecurity programs: Automated Continuous Endpoint Monitoring, or ACEM, and Comply-to-Connect, or C2C. These programs are changing the way the Defense defines and defends its networks. The outcome will be a vastly improved enterprise security posture as well as advanced automation that will let Defense redirect limited resources toward higher-order cybersecurity missions.
ACEM and C2C share the common goal of ensuring that the department knows what is connecting to and what is happening on its networks (in agency-speak, “domain awareness”). ACEM is intended to help solve the problem of detecting and profiling Windows-based devices, or endpoints, and account for the software on them. C2C will solve the problem of detecting, profiling and securing non-traditional categories of devices such as internet of things or networked operational technology, including, for example, industrial controllers. Firmly grounded in the National Institute of Standards and Technology’s Cybersecurity Framework and the Center for Internet Security top 20 critical controls, these two programs will give Defense the capability to monitor every…
