SOC-as-a-Service may be the first of multiple CDM shared services
As the Department of Homeland Security moves closer to connecting agencies of all sizes to its Continuous Diagnostics and Mitigation program, officials are looking for other cybersecurity offerings the program could develop as a shared service provider.
CDM program manager Kevin Cox told FedScoop at the Gigamon Public Sector Cybersecurity Summit on Thursday that as the department works to incorporate smaller agencies onto a multi-tenant platform of continuous monitoring services, it’s also exploring what cybersecurity tools it could deploy across the executive branch.
“There is an interest in expanding out our shared services offerings beyond that shared service for the non-[Chief Financial Officers] Act agency population to look at other shared services that could benefit all of the agencies, large or small,” he said.
CDM is already exploring security operations center-as-a-service capabilities in response to the White House’s recent IT Modernization report, which called for the initiative as part of federal agencies’ move to cloud computing.
Cox said the CDM program team wants to examine how to stand up the capability through its shared services platform while the administration decides how it might deploy it as part of its IT policy.
“What we are looking to do, to the extent that it makes sense, is be able to support SOC-as-a-service in the future if [the Office of Management and Budget] comes to us and says, ‘CDM, we’d like you to work with different agencies to get a SOC-as-a-service capability in place,” he said. “So depending what comes out of that action, through IT modernization, will then determine what role CDM plays in that regard.”
But the platform could host other cyber offerings as well, Cox said.
“It’s a wide-range of possibilities, but there’s nothing that has been defined today as what those other shared services might be,” he said.
CDM received an authority to operate for the shared services platform in March and is in the process of onboarding smaller agencies, with the goal of exchanging information with an overall federal dashboard by the end of June.
The program already has 15 CFO Act agencies reporting their data through a series of individual dashboards feeding into the federal dashboard. Cox said the remaining eight agencies should be reporting in the next month, barring networking issues.