Shon Lyublanovits, IT Security Subcategory Manager and Director of the Security Services Division
[Editorial note: This blog is the second of a three part series by Shon Lyublanovits, GSA’s IT Security Subcategory Manager and Director of the Office of IT Security Services for Office of Information Technology Category (ITC). Designed to raise awareness of the Department of Homeland Security’s annual October National Cyber Security Awareness Month campaign, this blog series highlights a suite of cybersecurity enhancing products, services and solutions provided by GSA, outlining the unique benefits each provides to government].
In today’s cyber ecosystem many, if not all, government mission requirements depend upon IT systems. Government agencies need to go beyond simply knowing who and what is on their networks. Senior leaders, chief information officers, and IT experts across government must be ready to face all potential cyber threats and it is critical that all information be secure. The latest IT tools and associated services are essential if agencies are to effectively and proactively identify, manage, and respond to new vulnerabilities and evolving threats. Agencies must also be able to keep up with and anticipate constant change in the enterprise architecture and operational environment.
GSA remains committed to helping agencies meet these ever-evolving challenges by offering a suite of pre-vetted cybersecurity products, services, and solutions that help agencies comply with mandates and IT requirements, while also addressing cyberattacks. This includes working with the Department of Homeland Security (DHS) to establish a new Special Item Number (SIN) for IT Schedule 70: Continuous Diagnostics and Mitigation (CDM) Tools. With CDM tools, we’re able to meet the government’s need for stronger cyber networks with strategically sourced tools and associated services.
New SIN offers agencies improved flexibility in IT procurement and cybersecurity
Our IT products on the CDM Tools SIN are prequalified and approved by DHS. And by leveraging the buying power of the government and streamlining the procurement process, we’ve made it easier and less expensive for our government partners to get the flexible solutions they need to effectively mitigate ever-changing cybersecurity threats.
Furthermore, these flexibilities on the CDM Tools SIN give government customers — federal, state, local, regional, tribal and territorial government entities — even easier access to a governmentwide set of information security continuous monitoring (ISCM) tools. The new CDM SIN also:
- Enhances and automates existing continuous network monitoring capabilities
- Strengthens the security posture of government networks
- Improves risk-based decision making at the agency and federal enterprise level
CDM Tools SIN enhances existing continuous network monitoring capabilities
The CDM Tools SIN gives government agencies the ability to identify cybersecurity risks, prioritize them based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.
We’ve organized the capabilities and tools into five subcategories:
- Manage “What is on the network?” — Identifies the existence of hardware, software, configuration characteristics, and known security vulnerabilities.
- Manage “Who is on the network?” — Identifies and determines the users or systems with access authorization, authenticated permissions, and granted resource rights.
- Manage “How is the network protected?” — Determines the user/system actions and behavior at the network boundaries and within the computing infrastructure.
- Manage “What is happening on the network?” — Prepares for events/incidents, gathers data from appropriate sources, and identifies incidents through analysis of data.
- Emerging tools and technology — Includes CDM cybersecurity tools and technology not in any other subcategory.
CDM strengthens government networks
We want to help government fight cyberattacks by providing tools to help detect vulnerabilities and protect agencies from threats. These tools enhance government network security through automated control testing and progress tracking. This approach:
- Provides services to implement sensors and dashboards
- Delivers near-real time results
- Prioritizes the worst problems within minutes (not quarterly or annually)
- Enables defenders to identify and mitigate flaws at network speed
- Lowers operational risk and exploitation of government IT systems and networks
Purchasing officers can buy from the CDM Tools SIN through eBuy and GSA Advantage!®. Issue a request for information (RFI) or request for quotation (RFQ), and let vendors respond to your requirements. Likewise, government agencies can purchase products, services, and solutions through IT Schedule 70’s Cooperative Purchasing Program.
For more information
If you have questions about the CDM Tools SIN, contact the IT Customer Service Center at (855) ITaid4U/(855) 482-4348 or firstname.lastname@example.org. Representatives are available Sunday at 8:00 p.m. through Friday at 8:30 p.m.
Learn more about GSA’s CDM Program.