Continuous Diagnostics and Mitigation Adopted by Jigsaw Security


The Department of Homeland Security has been pushing for the Continuous Diagnostics and Mitigation program known as CDM model for awhile now. Upon researching the program, Jigsaw Security has determined that our unique toolset fits the CDM intent so we are currently adding the CDM modules to our platform for use by any Federal customer.

The CDM model provides agencies with tools to identify cybersecurity risks on an ongoing basis and to prioritize those risk based on potential impacts, and allows cybersecurity personnel to mitigate the most significant problems first.

The CDM is based on OMB and NIST guidance and the Jigsaw Analytic Platform meets the Federal reporting requirement intent. CDM offers industry leading commercial off the shelf (COTS) tools to support technical modernization as threat change. Upon learning that a competitors tools were being utilized we determined that our solution can be implemented at far less cost than what the Government is currently using while providing more capabilities than what they are currently getting.

Looking at the CDM model we are confident that our tool will meet all 4 of the phased approach.

Phase 1:

Based on our previous work for the United State Postal Service, our network automation scripts will collect information on all of the devices that are connected to the network allowing quick identification of versions of software and hardware deployed. This data forms the data baseline and is constantly updated as devices come and go within the network environment.

Phase 2:

Once we have identified all of the devices on the network, the next step is to identify who is on the network. This is done via our logging collection and authentication monitoring as well as other logs such as Active Directory, LDAP, wireless access logs, RADIUS authentication and TACACS as examples as well as machine names which are tied to users through previous logins.

Phase 3:

What is happening on the network? This is our bread and butter. We look at Phase 1 and 2 as the identification stages. In Phase 3 we look at what these users and systems are doing using analytics and machine learning, keyword identification and monitoring, activity reporting, time series and other analytic tools. In addition we combine the DHS AIS and CISCP data to report on threats as they occur and prioritize the threats based on the signatures and heuristic detection of malicious software and threat actors.

Phase 4:

In this phase we look at what is working and what is not from the data protection standpoint. For instance we can detect if data is leaving a certain network with our customized sensors, if nation states are attempting to access resources on protected US networks and other use cases deemed appropriate from the data protection standards implemented by NIST.

In short our solutions to these problems are inexpensive and readily available that have been in use by Jigsaw and other service providers for well over 3 years. We look forward to implementing our solutions to meet the needs of this program.

#DHS #CDM #JigsawAnalyticPlatform

7 views

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.