Building an Interagency Cybersecurity Dashboard, Securing Government IT Infrastructure
ShorePoint’s contributions across the entire architecture of the DHS CDM Program puts it at the forefront of a national initiative to defend federal government systems and agencies against evolving cyber threats.
Background and Challenge
ShorePoint is building a vital capability for the federal government that will inform critical decisions and drive operational efficiency through effective data analysis, reliability, consolidation, and risk-based prioritization.
The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program is evolving to give agencies enhanced cybersecurity capabilities and a dashboard designed to maximize the value of their cybersecurity data. CDM delivers value to agencies primarily through two distinct avenues: The CDM Dashboard Ecosystem and the CDM Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Task Orders.
The Dashboard Ecosystem, the result of a contract awarded in 2019, provides agency leaders greater awareness of cybersecurity vulnerabilities along with objective guidance on what should be prioritized for remediation. The dashboard brings enhanced performance, visualization, scalability and data analytics to all Federal Civilian Executive Branch (FCEB) agencies. This will allow DHS to observe assets and assess threats FCEB-wide and implement a scoring system to objectively measure risk and vulnerability. The DEFEND Task Orders are delivering tailored cybersecurity solutions and capabilities to FCEB agencies while helping them to prioritize and remediate vulnerabilities and risks.
ShorePoint is delivering strategic and technical expertise on both the DEFEND and Dashboard Ecosystem Programs, working closely with the lead integrators on each contract. This enables ShorePoint to provide unique insights across stakeholder groups while teaming with some of the industry’s largest companies to innovate and deliver client value in a highly collaborative, multi-vendor environment.
The CDM architecture consists of four layers, which inform cybersecurity insights, aggregate and normalize data, provide detailed dashboards for agencies that prioritize vulnerabilities and threats for remediation; and provide insights into the health of federal networks.
Among the challenges associated with this first-ever enterprise cybersecurity program for the FCEB are a variety of legacy systems across agencies, the need to normalize and ensure data quality, and the need to integrate systems, solutions, and capabilities among multiple vendors and government organizations in a complex technology ecosystem.
Solution and Benefits
The DHS CDM Dashboard Ecosystem is built on an innovative, scalable search and analytics platform – Elasticsearch – that provides the foundational capability to enable greater visibility into federal networks and standardize threat monitoring. Elasticsearch is a pervasive open-source based data aggregation, analytics and modeling platform used by commercial and public sector environments to improve risk-based decisions and priorities. The Dashboard Ecosystem is comprised of instances of Elastic deployed in both on-premises and cloud-based delivery models.
ShorePoint supports the development, testing, deployment, integration, and delivery of CDM Dashboard capabilities for several FCEB agencies and the enterprise Federal Dashboard. ShorePoint further supports the development and implementation of an innovative delivery model for Dashboard Ecosystem capabilities through the Dashboard as a Service (DBaaS).
This “as a service” offering is hosted on Elastic Cloud Enterprise (ECE) and includes ease-of-use features for upgrades and manageability – allowing agencies to have a dedicated cluster provided and administered by the DHS Dashboard Integrator – negating the need for large system requirements, personnel and budgets often required in a non-SAAS configuration. This model also enables rapid development and delivery of additional capabilities and features from within the Dashboard Ecosystem.
ShorePoint will continue working to combine disparate agency security and operational data sources and platforms into consolidated, actionable, and intelligent dashboards offering advanced analytics and modeling to drive risk-based decisions for the federal government.
With critical project milestones successfully achieved in 2020 and 2021, ShorePoint will continue to help the program evolve through future releases in 2022. The excellence in architecture, design, and development of the CDM Dashboard Ecosystem and the underlying Elasticsearch platform have laid the groundwork for increased functional and operational security benefits for stakeholders. ShorePoint will continue to work with CDM Program leadership and the integrators for DEFEND and the Dashboard Ecosystem to drive enhancements to cyber resiliency across the FCEB agency enterprise.