As more organizations are required to comply with Phase 3 Continuous Diagnostics & Mitigations (CDM) requirements, the objectives they must meet have become increasingly clear.

Identify

As noted by GSA, CDM provides federal departments and agencies with the capabilities and tools that can help identify ongoing cybersecurity risks. Though risks vary from organization to organization, there are ways to identify network changes that can potentially bring harm to your organization.

Suspicious changes can include but are not limited to:

  • Strange User Access Patterns
  • Abnormal Database Activities
  • User and Device Mismatches
  • File Configuration Changes
  • Changes During Scheduled Patch Updates
  • Privileged Account Abuse
  • User Reports
  • Unauthorized Port Access

In addition to identifying network changes, the identification of data compliance standards may be required as well. File integrity monitoring software can help maintain an inventory of hardware attached to the network, and even with installed software to help...