A peek inside the government’s cyber strategy

By Nick Mirabile, director of cybersecurity

It seems like every month there’s a new high-profile cyberattack wreaking havoc on our networks. Which is why we recently gathered three federal IT leaders to talk about cybersecurity and how they’re safeguarding their agencies in an era of emerging threats.

This panel discussion last month was fascinating, with success stories on what they’re doing to protect networks, as well as the biggest challenges for how to stay ahead of the threats. I picked up on a few themes important for companies selling cybersecurity solutions to agencies:

Read more of this post

What You Need to Know About CDM’s Latest Update

Jenni Taylor_65x85CDM eventBy Jenni Taylor, Contracts Programs Manager

immixGroup’s headquarters was a flurry of activity recently when we brought in tech companies to meet with contractors on the Department of Homeland Security’s Continuous Diagnostic and Mitigation program. It was our 4th CDM Speed Networking event, in support of CDM team leads, prime contractors and CDM providers and customers—something we organize every time the program is about to cross into a new phase.

We’ve had some updates since the event, with the most recent being a Request for Information (RFI) released this month that asks for industry input on Phase III capabilities and technologies. The RFI specifically wants to hear about secure orchestration, emerging data standards, and analytics tools to support timely detection and response to cyber events.

Read more of this post

Is the Workforce Ready and Able to Fight Cyber Threats?

Lloyd McCoy Jr.By Lloyd McCoy Jr., DOD Manager

The federal spymuseumevent-0281government’s cyber workforce will be the biggest determining factor in how
well government agencies tackle the rising cyber threat. That was the prevailing theme at the Federal Cybersecurity Update 2016 held at the International Spy Museum earlier this week. The event was organized by immixGroup, FedInsider, and George Washington University Center for Excellence in Public Leadership.

Leading representatives from the federal government and academia emphasized the importance of an effective cyber workforce. They also pointed out that the general workforce should be considered cyber defenders since they have a huge responsibility in mitigating vulnerabilities by using proper cyber hygiene. Many of the panelists admitted they frequently spear phish their employees to boost awareness and enforce commonsense practices.

Read more of this post

DHS’s Lessons Learned from Heartbleed

Tomas OKeefe_65x85

by Tomas O’Keefe, Senior Analyst

Virus DetectedAt a recent Washington Post event on cybersecurity recognizing National Cybersecurity Awareness Month, Deputy Secretary of Homeland Security, Alejandro Mayorkas, spoke of DHS’s “dire need” for cybersecurity legislation that better enables cyber threat information sharing and helps recruit top cybersecurity talent. While the sky isn’t falling in on Deputy Secretary Mayorkas and DHS, the failure of Congress to pass updated cybersecurity legislation has hindered the department’s ability to meet the rapidly shifting landscape of cyber threats.

Read more of this post

Task Order 2 for CDM Approaching

Tomas OKeefe_65x85by Tomas O’Keefe, Senior Analyst

Industry has been waiting on more news about the next set of contracts for the Department of Homeland Security’s (DHS) $6B Continuous Diagnostic and Mitigation (CDM) initiative, and we’re finally starting to get some concrete details about what that’s going to entail. DHS, with the aid of the General Service Administration’s (GSA) Federal Systems Integration and Management (FEDSIM) group, is still focusing on phase 1 of the CDM initiative, which is aimed at tackling end point integrity and identifying network vulnerability. There will be additional phases of CDM over the coming years. But we’re now starting to get more details on Task Order 2, which is the next step in the current phase.

However, a bit of recap before we proceed. Back in January of this year, DHS awarded the Task Order 1 to four Continuous Monitoring-as-a-Service (CMaaS) BPA holders for some network and endpoint protection products. In March, DHS and GSA awarded a contract to develop a federal-wide cybersecurity dashboard that departments will submit CDM information to. Ideally, this dashboard will ease the Federal Information Security Management Act (FISMA) reporting requirements on departments, meaning CISOs can spend more of their time protecting networks and less time filling out paperwork.

Read more of this post

CDM Task Order Draft RFPs are Being Released

Ray Miles_65x85by Ray Miles, PMP, Alliance Manager

Agencies have already begun implementing the initial phase of the Continuous Diagnostics and Mitigation (CDM) program under blanket purchase agreements (BPA) that were awarded in August 2013. The General Services Administration (GSA) is the Department of Homeland Security’s (DHS) partner in offering CDM products across government. DHS oversees development of overall agency requirements while GSA oversees procurement, operation, and maintenance.

Read more of this post

%d bloggers like this: