Outcomes, Not Programs, Will Define DOD’s Cybersecurity Record

In 2019, the Defense Department embarked on two new cybersecurity programs: Automated Continuous Endpoint Monitoring, or ACEM, and Comply-to-Connect, or C2C. These programs are changing the way Defense defines and defends its networks. The outcome will be a vastly improved enterprise security posture as well as advanced automation that will let Defense redirect limited resources toward higher-order cybersecurity missions.


ACEM and C2C share the common goal of ensuring that the department knows what is connecting to and what is happening on its networks (in agency-speak, “domain awareness”). ACEM is intended to help solve the problem of detecting and profiling Windows-based devices, or endpoints, and account for the software on them. C2C will solve the problem of detecting, profiling and securing non-traditional categories of devices such as internet of things or networked operational technology, including, for example, industrial controllers. Firmly grounded in the National Institute of Standards and Technology’s Cybersecurity Framework and the Center for Internet Security top 20 critical controls, these two programs will give Defense the capability to monitor every single connecting device for its compliance with the department’s security policies and automatically enforce these policies to mitigate risk. 


Detecting devices on networks has proven to be exceedingly difficult for all federal departments and agencies. Utilizing a program similar to C2C, called Continuous Diagnostics and Mitigation, federal civilian agencies discovered, on average, 75% more devices on their networks than they previously knew about. Defense faces the same problem. A connected device that is unknown—an unmanaged device—is one that cannot receive patches and updates and therefore introduces major cyber risk to the enterprise. Unmanaged devices present an easy path for adversaries to access and exploit higher-value parts of the network, o ..
