Continuous Diagnostics and Mitigation

Every day, we connect to networks to reach databases, webpages and other resources, often without even knowing it. For example, when we start up our phones and use the internet on them, send text messages, and make calls, we use a network that has been set up by a mobile carrier. Another example is when we go to work and use a computer located in the workplace. The computers in our workplace are all connected to a network. You can access information from the workplace's database or communicate with other computers that are connected to this network. These instances aren't any different when we move up to the government level. The government uses networks to do about the same things we do, and more. These government networks are highly protected and secured because they hold sensitive information. Since we all use networks, they need to be protected just as carefully as our data. There are many ways one could secure a network. A business could use firewalls, strong encryption and so on. The government uses all those basic measures, but it also has its own method for securing its networks. The government uses Continuous Diagnostics and Mitigation (CDM) to secure networks and the systems in its possession.

A CDM is not really a piece of software or a device; it is more of an approach. A CDM is a dynamic approach to fortifying the security of a network or a system. A CDM is implemented in a step-by-step manner. It starts by identifying everything on the network. These would be devices like computers, laptops, cellphones, etc. Next, they would identify the users on the network. This is where they would assign privilege levels, determine authorized users and settle other things of that nature. The next phase is to identify what is happening on the network. This is where they would identify the trends on the network. For instance, they would monitor network traffic, user logins and device history. Finally, after all these phases, they would look at how the data is currently protected. This is where they would look at what encryption software is used, what firewall software needs to be in use, and other security measures that need to be taken. This approach can be implemented all at once or over time. Government agencies are not the only ones taking this type of approach. Other organizations like banks, retail stores, and so on are using this process to secure their networks.

Whenever an approach is adopted, the question of how it will protect data comes up. A CDM, as discussed, breaks security up into different phases. In each of these phases, a new aspect of security is implemented that is geared towards securing the network. In the first phase, they start by identifying what devices are on the network. This is important because cyber security professionals need to know what devices belong to people on the network and what devices should not be on the network at all. With that inventory, when an unknown device is requesting items, they know it is not one of the devices on the network and can resolve the situation, thus protecting data. The next phase is to identify the users on a network. This is to identify who should be on there and their privilege levels. With privilege levels, the cyber security professional can assign people to levels where they can only access certain things. This is where only higher-level employees can access higher-level items, while lower-level employees can only access lower-level items. This cuts down on standard users leaking higher-level things. Next, they would identify what is happening on the network. A cyber security professional would have to set a baseline or use network monitoring software to find trends in the network. This will help them identify unusual activity. Finally, a cyber security professional would identify how to protect the data. This could be installing firewalls, using strong encryption to send packets of data, securing the building, etc.
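To make the first three phases concrete, here is an added example (not from any CDM tool or from the original post) that checks a few events against a device inventory, user privilege levels and a login baseline. The device addresses, user names, resource names, numeric levels and the tolerance factor are all constructed assumptions.

```python
from collections import Counter

# Constructed sample data (assumptions, not from any real network).
AUTHORIZED_DEVICES = {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}  # phase 1: device inventory
USER_LEVEL = {"alice": 3, "bob": 1}                              # phase 2: privilege levels
RESOURCE_LEVEL = {"payroll-db": 3, "wiki": 1}                    # minimum level per resource
BASELINE_LOGINS_PER_DAY = {"alice": 4, "bob": 3}                 # phase 3: activity baseline

# Constructed events for one day: (device MAC, user, action, resource)
EVENTS = [
    ("aa:bb:cc:00:00:01", "alice", "access", "payroll-db"),
    ("aa:bb:cc:00:00:02", "bob", "access", "wiki"),
    ("aa:bb:cc:00:00:02", "bob", "access", "payroll-db"),
    ("de:ad:be:ef:00:09", "alice", "access", "wiki"),
] + [("aa:bb:cc:00:00:02", "bob", "login", "-")] * 12


def review(events, tolerance=3):
    """Return (finding_type, detail) tuples for one day's events."""
    findings = []
    logins = Counter()
    for mac, user, action, resource in events:
        # Phase 1: a device missing from the inventory should not be on the network.
        if mac not in AUTHORIZED_DEVICES:
            findings.append(("unknown_device", mac))
        # Phase 2: unknown users are flagged and never evaluated further.
        if user not in USER_LEVEL:
            findings.append(("unknown_user", user))
            continue
        if action == "login":
            logins[user] += 1
        elif action == "access":
            # Resources with no assigned level are denied by default.
            required = RESOURCE_LEVEL.get(resource, float("inf"))
            if USER_LEVEL[user] < required:
                findings.append(("privilege_violation", f"{user}->{resource}"))
    # Phase 3: compare the day's login count with the user's baseline.
    for user, count in logins.items():
        if count > tolerance * BASELINE_LOGINS_PER_DAY.get(user, 0):
            findings.append(("login_anomaly", f"{user}:{count}"))
    return findings


if __name__ == "__main__":
    for finding in review(EVENTS):
        print(finding)
```
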

The field of cyber security is more than just the devices that secure a network. As we saw, approaches can be adopted to raise cyber security. These approaches are sometimes the best way to implement cyber security, because they lay out everything that needs to be secured. Like I have said before, more than just the government can use this approach; other places and individuals can use it as well. With approaches like this, the world can be a step closer to becoming a safer one. What do you think? Should more people implement CDMs for their networks?

Interested in discussing the challenges and solutions on this topic? Please contact us at bizdev@sdsolutionsllc.com or call 540-860-0920.

 

 
