tech leadership (Sergey Nivens/


Leading by example on CDM

Cybersecurity Finalists

APE: Novel Intrusion Prevention for Android
Department of Homeland Security

Baseline Tailor
National Institute of Standards and Technology, Department of Commerce

Continuous Diagnostics and Mitigation Program

Derived PIV Credentials for Mobile Devices
Federal Emergency Management Agency, DHS

Security Accreditation in the C2S Isolated Cloud Region
Intelligence Community


Click here for the full list of 2017 Dig IT finalists for all categories. And please join us at the Oct. 19 Dig IT Awards gala.

The Continuous Diagnostics and Mitigation Program tackles a Sisyphean task: giving 124 federal civilian agencies and state, local, regional and tribal governments the tools to identify and address network security risks in near-real time.

Based on commercial tools, the CDM program helps standardize cybersecurity reporting, strengthen situational awareness and support risk-based decision-making at the enterprise level. The first task orders for the $6 billion program were issued in 2014, but it’s only in the past year that deployments have started to take hold.

And the Department of Homeland Security, which manages the governmentwide program, has gone to great lengths to adopt CDM itself and demonstrate what it can do for government security.

CDM was conceived years before the 2014 task orders, but until the establishment of a CDM program management office, DHS’ own implementation was far behind schedule and in jeopardy of failing. The CDM team — based in the DHS CIO’s office but working with components across the department — corrected course and successfully implemented CDM Phase 1, Wave 1 as scheduled.

In 2017, DHS became the first federal agency to officially implement a CDM program, and for the first time, senior DHS leaders had a dashboard that shows them what is on the network. More important, that insight allows them to make better-informed decisions on cybersecurity risk assessments — something the department continues to work on with other agencies.

About the Author

Troy K. Schneider is editor-in-chief of FCW and GCN, as well as General Manager of Public Sector 360.

Prior to joining 1105 Media in 2012, Schneider was the New America Foundation’s Director of Media & Technology, and before that was Managing Director for Electronic Publishing at the Atlantic Media Company. The founding editor of, Schneider also helped launch the political site in the mid-1990s, and worked on the earliest online efforts of the Los Angeles Times and Newsday. He began his career in print journalism, and has written for a wide range of publications, including The New York Times,, Slate, Politico, National Journal, Governing, and many of the other titles listed above.

Schneider is a graduate of Indiana University, where his emphases were journalism, business and religious studies.

Click here for previous articles by Schneider, or connect with him on Twitter: @troyschneider.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected