Improving Control of Digital Networks
VA’s Continuous Diagnostics and Mitigation (CDM) strategy is constantly evolving to improve VA’s network security. As CDM tools and capabilities improved, VA’s networks and Veterans’ data are more secure than ever.
How do CDM tools work?
Imagine VA’s network as a large house. Much like how houses have multiple entry points, digital networks have several entry points in the form of network routers. But both networks and houses have non-traditional entrances as well. In a house, these might be doors, windows, or chimneys that someone could use to enter undetected; on a network, they could be approved devices that someone hacks to gain unsecured access. CDM tools are like locks, securing these entry points and deterring outsiders from hacking in.
“With these new tools, we now have visibility on every device that’s connected to our network,” said Jason Hyer, CDM Program Manager with OIS. “We had an understanding with some of our previous tools, but now we can see what devices are connected almost instantaneously.”
This suite of new CDM tools recently allowed VA to swiftly patch a security vulnerability found in Microsoft's Windows 10 operating system that could have led to unauthorized network access. The CDM tools allowed VA technical staff to quickly find un-patched devices and deny network access to those who still needed the update. VA has updated 97 percent of affected computers—two percent higher than the federal average.
Building on the concept of protecting VA’s digital house, Mr. Hyer used a construction analogy to describe how CDM tools have laid the foundation of VA’s future cybersecurity structure. “Now that these tools are in place, we can build on them and build out VA’s cybersecurity infrastructure.”
Veteran data security is one of VA’s highest priorities and the Department is working diligently to defend that data for those who defended our country. CDM tools represent VA’s commitment to protecting the sensitive data we are responsible for by using state-of-the-art technology to secure our networks—and enabling a seamless, secure experience for our Veterans.