The Fed’s EDR focus will unlock opportunities in cyber defense
January 26, 2022
By Amanda Mull, Contract Specialist
The cybersecurity of the federal government is constantly under attack. A recent FISMA report from the Office of Management and Budget noted that in FY2020, agencies reported 30,819 cybersecurity incidents to the U.S. Computer Emergency Readiness Team. The variety of attack vectors continues to evolve, creating a dynamic threat landscape.
The government is addressing this challenge by mandating Endpoint Detection and Response (EDR) tools. Companies that can offer these tools and capabilities will be well-positioned to build their federal customer portfolio.
EDR is an integrated security solution that detects threats by combining real-time continuous monitoring and collection of endpoint data with rules-based automated responses and analysis capabilities. The data collected helps determine system security. Evaluation and machine analysis of the data provide coordinated detection of threats and conditions that elicit programmed responses, including follow-up via human notifications and further actions to mitigate any potential or actual threats.
EDR initiatives and Approved Product listing
On January 10, the Cybersecurity and Infrastructure Security Agency announced an expanded and revised EDR technical capability definition and new requirements for adding EDR items to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Product List.
The federal EDR initiative includes a CISA dashboard to record data collected from all federal executive agency and department information systems. The dashboard metrics are intended to provide an overall federal cyber threat analysis. OMB and other federal actors plan to use the dashboard metrics to evaluate vulnerabilities and make budgetary decisions to fund cybersecurity improvements.
Agency EDR responsibilities and FISMA updating
Expectations for agency engagement are high. EDR implementation is mandated, and agencies must continue to develop and mature their EDR solutions – along with continued reporting of endpoint data to the coordinated CISA federal dashboard.