CDM: More relevant than ever

By Amanda Mull, contract specialist

With the recent incidents involving ransomware and other serious data breaches, security remains a top priority in federal IT.

It’s been some time since we published our last blog on CDM, so to keep our channel partners and suppliers up to date on recent changes, in the coming weeks we will be publishing a series of CDM-related blogs.

In this, our first blog, we provide some basic information and discuss a recent leadership change. Future blogs will cover the federal CDM Dashboard, IPv6 compliance, updates to common requirements and the future of the CDM SIN.

Here are some of the basics about the program:

Continuous Diagnostics and Mitigation Program 

The CDM Program was developed in 2012 to support government-wide and agency-specific efforts to provide risk-based, consistent, and cost-effective cybersecurity solutions to protect federal civilian networks across all organizational tiers.

Cybersecurity and Infrastructure Security Agency

CISA is a standalone U.S. federal agency and an operational component under Department of Homeland Security oversight that manages CDM. Its activities are a continuation of the National Protection and Programs Directorate.

Approved Products List

The CDM program includes cybersecurity tools and sensors that are reviewed by the program for conformance with Section 508, federal license users and CDM technical requirements. Each month, the program allows product submissions to encourage cybersecurity original equipment manufacturers and others to update, refresh and add new and innovative tools to the CDM APL. 

CDM Program leader returns to DOJ

Kevin Cox recently resigned from his post as CDM program manager and returns to the Department of Justice as deputy CIO this month. Mr. Cox led the CDM effort working collaboratively with federal agencies to deploy cybersecurity solutions and to identify agency networks and assets to better protect them and agency data against an evolving threat landscape. His successor has not yet been named.  

Mr. Cox will be missed as a clear-minded expert and advocate of the CDM program and development of a multipurpose federal CDM Dashboard. The key component of federal oversight, the CDM Dashboard will provide visibility across all federal networks to show how participating agencies are managing their cyber risk. The dashboard is scheduled to be completed by the end of 2021. This tool provides a snapshot of the overall cybersecurity posture and captures critical data for analysis, budgeting and improvements.


Vendors with products and services that support CDM mission objectives should make sure they are on the approved products list and keep apprised of ongoing changes. immixGroup is here to help!

If you would like more information about the direction of the CDM program and how immixGroup, Inc. can help you get your products listed on the GSA Schedule for CDM sales, please contact us at

Keep on top of trends in federal IT. Subscribe to immixGroup’s Government Sales Insider blog now!

About Amanda Mull
Currently a Contract Specialist for immixGroup, Inc. I help public sector sales professionals understand federal contracting vehicles, and respond to IT sales opportunities. Special knowledge of the DHS/CISA CDM Program for the GSA IT Schedule 70 and the U.S. Army ITES-SW2 Contract via the CHESS IT E-Mart. 20+ years as ACO for GSA schedule 84 Security, Access Control and Surveillance System Products & Services Company; 10 + years as a Corporate Compliance Officer.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: