Feds Joining Cyber Security ‘Dashboard’ For Real-Time Diagnostics

The Department of Homeland Security (DHS) is streamlining its cyber security functions in the new year, as it will stand guard over a government-wide “dashboard” that will be able to detect and flesh out vulnerabilities in agencies’ networks.

According to a NextGov.com story from late last month, at least two federal agencies have already connected to the dashboard. The tentative plan shows all major federal agencies joining by the end of February.

The dashboard is said to be an extension of Homeland Security’s Continuous Diagnostics and Mitigation program, an effort that helps agencies guard their perimeters by scanning their networks for a host of digital threats.

So, how does the dashboard work?

According to the same report, it pulls in information from sensors planted across government computer networks. The gathered data is then read by the DHS’ cyber officials. In real time, then, sensitive government networks could be monitored, and the DHS would be able to pinpoint which software is running on various devices and endpoints.

In theory, it would be applicable across the entire federal government.

See Related: State Of The Union: Layer Security Or Prep For Legal Battles

The DHS’ goal is to onboard 24 major agencies by February, at which point they will look to integrate smaller offices and agencies as well.

There is no hard deadline on when the entire federal government will be connected to the dashboard.

Prior to this time-saving, diagnostic resource, the DHS could only issue blanket alerts upon learning about damaging vulnerabilities. Or, they would be forced to contact each individual agency. Officials would have to gauge which enterprise was then vulnerable.

On the matter, Assistant Secretary of Homeland Security, Jeanette Manfra, recently said during a think tank address, “Now I can have advanced awareness of a vulnerability. I can go into our dashboard and know instantly who’s running that version of that system and focus the agencies on protecting that asset.”

Perhaps this model can translate to the large enterprise as well (outside of the federal government). While the federal efforts will likely pioneer this responsive “dashboard” format, there are certainly elements that can be lifted and applied to the private sector.

See Related: Substantial NIST Revisions Eye Supply Chain, Analytics Security

That is to say, large enterprises – with many branches, endpoints, or those in multiple locales – which don’t already boast an incident response or diagnostic war room, could take note of these wider efforts to consolidate security strategies.

Enterprise security is a tall order, but with responsive, diagnostic technology – capable of disabling or detaching from corrupted software – business units would mitigate risk, productivity would remain steady and security practitioners would be capable of fleshing out components of their (very dynamic) network.

As efforts shift from “perimeter” defense – via third party antivirus solutions – to a multi-front battle against cyber threats, the dashboard model could prove fruitful for both the U.S. government and those who model their cyber headquarters after it (or for those who have already done so).

While the deadline for agency entry on the dashboard is February 2018, it will be helpful to note the dashboard’s calculable ROI and overall effectiveness over time.