Feds Weigh In on Impact of CDM Program, Forcepoint Survey Explores

The CDM Program was designed to help government teams identify and prioritize cybersecurity risks and enable cyber personnel to quickly mitigate these problems.
The CDM Program was designed to help government teams identify and prioritize cybersecurity risks and enable cyber personnel to quickly mitigate these problems.

Forcepoint, a global leader in cybersecurity and a Finalist in the 2018 ‘ASTORS’ Homeland Security Award Program, has released the results of its new Federal CDM Survey, which explores how the U.S. Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) Program is tracking against the goal of providing more effective cybersecurity solutions for government agencies.

Respondents were asked to comment on the current state of CDM in their agency, share their impressions, desired outcomes and pain points related to the program.

The findings of this report are based on a survey fielded in August 2018 by independent research firm Market Connections, which yielded responses from more than 200 federal civilian IT decision makers in the United States.

Key Findings Include:

Courtesy of Forcepoint and Market Connections
Courtesy of Forcepoint and Market Connections

CDM Perspectives Differ between Managers and Implementers

  • When asked to rate the effectiveness of the current implementation of CDM in their agency or department, managers and directors were almost three times as likely to describe CDM as very or somewhat effective (88%) as compared to implementers. (31%)

  • When asked to evaluate what they believe the effectiveness of the CDM program will be once all CDM phases are rolled out, the gap closed somewhat.

    • Fifty-four percent of implementers thought the program would be very or somewhat effective compared to 88 percent of managers and directors.

The Most Important CDM Priorities are Compatibility and Risk-Adaptive Security

  • Compatibility with existing systems is of utmost importance, followed by risk-adaptive security, with both aspects seen as extremely or very important by more than one-half of respondents.

  • Concern over insufficient compatibility of CDM tools with existing systems is listed as a potential or very big problem by 92 percent of respondents.

  • Ninety-one percent also worry that the CDM Program limits the use of the latest technology.

Courtesy of Forcepoint and Market Connections
Courtesy of Forcepoint and Market Connections

Government IT Teams Want the CDM Program to Deliver Faster Response Time for Attacks and a Proactive Approach to Security Threats Above All

  • When asked to rank the results of the CDM program, respondents selected faster response to attacks (59%), a more proactive approach to security threats (58%) and enhanced security (56%) as their preferred outcomes.

  • Managers and directors were even more likely to rate these outcomes as extremely or very important.

The CDM Program was designed to help government teams identify and prioritize cybersecurity risks and enable cyber personnel to quickly mitigate these problems.

Given concerns about compatibility of CDM-approved tools with legacy systems, savvy government CISOs and CIOs will leverage the CDM program to modernize their overall infrastructure.

The survey results also point to a clear need to address the difference in perspectives between managers and implementers.

Courtesy of Forcepoint
Courtesy of Forcepoint and Market Connections

For agencies to see the full benefit of the CDM Program, there needs to be stronger alignment and agreement about both the benefits and challenges associated with the Program.

Eric Trexler, Vice President Global Governments and Critical Infrastructure Sales at Forcepoint
Eric Trexler, Vice President Global Governments and Critical Infrastructure Sales at Forcepoint

“Government is starting to see the fruits of its labor with CDM implementations, and significant positive changes have been made in DEFEND based on experiences in the early phases of the program,” said Eric Trexler, vice president, Global Governments and Critical Infrastructure at Forcepoint.

“The work is far from done. As agencies advance along this journey, teams are facing numerous obstacles from training and data protection to system compatibility.”

“Nevertheless, teams are optimistic and nearly two-thirds of respondents anticipate that the CDM Program will be very or somewhat effective when the rollout at their agency is complete.”

Dynamic Data Protection

Digital transformation has driven unprecedented connectivity throughout government agencies.

Users want to work in dynamic applications that reside on premises, in the cloud or in a hybrid environment.

They also expect to access data, including Controlled Unclassified Information (CUI), from anywhere – and from any type of device.

In this new era, it is imperative for the Federal Government to provide better, more efficient service for its citizens in the most cost-effective and secure manner.

To accomplish such modernization, agencies must rethink traditional cybersecurity approaches.

(Understand what the next evolution of data protection is and how Forcepoint is leading the charge. Courtesy of Forcepoint and YouTube. Posted on Aug 15, 2018.)

The Office of Management and Budget (OMB) has identified five persistent weakness that most agencies continue to struggle with:

  1. Limiting, preventing and detecting inappropriate access to computer resources
  2. Managing the configuration of software and hardware
  3. Segregating duties to ensure that a single individual does not have control over all key aspects of a computer-related operation
  4. Planning for continuity of operations in the event of a disaster or disruption
  5. Implementing agency-wide security management programs that are critical to identifying control deficiencies, resolving problems and managing risks continuously Traditional cybersecurity has failed, and it has put our nation and gov organizations at risk.

As the number of sophisticated threats rise and the attack surface expands with digital transformation, legacy threat-centric solutions struggle to keep up.

They are overwhelmed by the billions of network alerts observed by a modern enterprise.

Simply put, today’s IT ecosystem is just too complex for traditional cyber architectures and point solutions.

Built to address the barrage of complex and sophisticated threats facing organizations today, Forcepoint’s Risk-Adaptive Protection continuously assesses risk and automatically provides proportional enforcement that can be dialed up or down.

This capability is enabled through the power of human-centric behavior analytics that understand interactions with data across users, machines and accounts.

Intelligent context speeds decision-making and security controls specific to changing risk in enterprise networks.

(Learn how you can protect your data, reduce alarms and alerts, and increase efficiency with the industry’s first automated solution – Dynamic Data Protection from Forcepoint. Courtesy of Forcepoint and YouTube. Posted on Sep 26, 2018.)


Dynamic Data Protection delivers a system for identifying and investigating entities that post potential risk to critical data and assets.

It dynamically applies monitoring and enforcement controls to protect assets based on risk level of actors and the value of data.

DLP and Behavior-centric Analytics combine to create Automated Policy Enforcement:

  • Behavior-centric Analytics profiles high risk user activity based on DLP incidents, data models, and endpoint collector events. 
  • Behavior-centric Analytics dynamically allocates a risk score to entities based on user activity. 
  • DLP applies automated controls to user interactions with sensitive data based on their current risk level. 
  • Behavior-Centric Analytics supports detailed investigation of high risk user activity.


Courtesy of Forcepoint
Courtesy of Forcepoint

With the industry’s first automated enforcement capability that dynamically adapts, security analysts are now freed to focus on high value activities and eliminate the backlog of alerts from traditional security tools.

Importantly, security leaders also can reduce traditional security friction pain points to enable productivity gains and business success, while also reducing the time required to detect and mitigate risk from days or months to a matter of seconds.

Forcepoint’s Dynamic Data Protection is the company’s first Risk-Adaptive Protection solution offering and the next-generation of data loss prevention (DLP).

It surpasses legacy DLP offerings to uniquely deliver next-generation data protection that adaptively shapes and enforces security policies across enterprise endpoints or devices, without requiring administrator intervention.

With human-centric behavior-analytics at its core, Forcepoint Dynamic Data Protection applies an anonymous and continuously updated behavioral risk score to establish a baseline of “normal” behavior of each end-user on corporate or unmanaged networks.

(Traditional, event-centric, approaches to cybersecurity do not provide context to determine which alerts are really a problem. We need to shift our focus to human-centric security, to people and how they interact with data over time. At the core of human-centric security is the human point – the intersection of people, critical data and IP over networks of different trust levels. Courtesy of Forcepoint and YouTube. Posted on Mar 2, 2018.)

Forcepoint’s intelligent systems, informed by the individual risk assessment, then apply a range of security countermeasures to address the identified risk.

For example, Forcepoint Dynamic Data Protection can allow and monitor data access, allow access but encrypt downloads, or fully block access to sensitive files depending on the context of individual interactions with corporate data and the resulting risk score.

An organization’s ability to automatically adapt enforcement policy to the most significant risk can mean the difference between protecting critical customer data, intellectual property and even mission success.

Forcepoint’s Dynamic Data Protection is the answer to the government industry’s core security challenges, and protects the human point for thousands of enterprise and government customers in more than 150 countries.

Forcepoint Named a Finalist in 2018 ‘ASTORS’ Homeland Security Awards Program

AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.

2017 ASTORSThe 2018 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, Border Security, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

As an ‘ASTORS’ competitor, Forcepoint is competing against the industry’s leading providers of Innovative Cyber Security Solutions.

To Learn More about the ‘ASTORS’ Homeland Security Awards Program, see 2017 ‘ASTORS’ Homeland Security Award Winners Honored at ISC East.

The 2017 ‘ASTORS’ Homeland Security Awards Presentation Luncheon
The 2017 ‘ASTORS’ Homeland Security Awards Presentation Luncheon

Over 100 distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government, gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included representatives from:


  • The Department of Homeland Security (DHS) Science and Technology Directorate (S&T)
  • U.S. Customs and Border Protection
  • The Department of Justice
  • The Security Exchange Commission
  • State and Municipal Law Enforcement Agencies
  • The Royal Canadian Mounted Police
  • Leaders in Private Security

The highlight of the 2018 AST Homeland Security Awards Season will be the 2018 ‘ASTORS’ Awards Presentation Luncheon to honor Nominees, Finalists and Winners on November 14, 2018 at ISC East 2018 at the Jacob Javits Exhibition Center in New York City.

Good luck to ForcePoint on becoming a Winner of the 2018 American Security Today’s Homeland Security Awards Program!

To Learn More, download Forcepoint’s report ‘CDM Effectively Building Federal Cybersecurity White Paper‘, or visit https://www.forcepoint.com/.

forcepoint logo

Join us in Recognizing these Industry-Leading Firms for their Outstanding Product Development  Achievements, Exciting New Technologies and Innovative Education Programs to address the growing Homeland Security Threats our Nation is facing.

Take advantage of this exclusive luncheon opportunity to Invite your Guests, Clients and Show Visitors to a lovely & affordable plated meal event in the heart of New York City, for a Fabulous Networking Opportunity!

Exclusive luncheon and networking opportunity at ISC East 2018.
Take a break from the Show and Join Us for this Exclusive Luncheon and Networking Opportunity at ISC East 2018.

ISC East is the Northeast’s largest security industry event and your ‘ASTORS’ Awards Luncheon registration includes complimentary attendee access to the show.

Already Exhibiting and/or Attending the 2018 ISC East Conference?

Join us to meet the 2018 ‘ASTORS’ Award Winning Company Executives & Government Agency Representatives.

Register today for the ‘ASTORS’ Homeland Security Awards Luncheon on November 14th, in New York City and give yourself & your clients a break from the show!

Gourmet luncheon choices available per person, or reserve a table – make an Impression on your Guests and Receive an Exclusive Discount Opportunity.

To Learn More about the AST 2018 ‘ASTORS’ Homeland Security Awards Program and Luncheon, please contact Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com or call 732.233.8119 (mobile) or 646-450-6027.