The Biden Administration has requested $408 million to further integrate the Continuous Diagnostics and Mitigations (CDM) program into the Cybersecurity and Infrastructure Security Agency’s (CISA) cyber services. The goal is to strengthen cyber defense operations across federal agencies.
The CDM program was initially developed as an operational tool for agencies to monitor their cyber assets and report progress to CISA. However, CDM has evolved beyond its original purpose and is now being utilized for incident response and shaping operational activities based on real-time data provided by the program.
Michael Duffy, associate director of capacity building at CISA, emphasized the importance of finding a balance between focusing on basics and identifying new trends. He believes that CISA’s unique position in the federal government allows them to provide effective capabilities and support in this regard. By integrating CDM into federal agencies, the Biden Administration hopes to enhance the government’s ability to respond to cyber threats.
In another development, it has been revealed that the FBI improperly searched its databases for the names of a US senator and two state officials. The declassified FISA 702 FISC order, released by the office of the Director of National Intelligence (ODNI), shows that these queries were in violation of proper protocols. The FISA section 702 is set to expire at the end of the year, and its renewal is facing skepticism from both sides of the aisle.
Despite the controversies surrounding the FBI’s querying of US person information, senior intelligence officials argue that Section 702 is critical to national security. It allows them to gather information and counter foreign government actions. FBI Director Christopher A. Wray defended the importance of Section 702 in a letter to Chuck Schumer, stating that it helps in protecting Americans and the homeland from cyberattacks and espionage campaigns. Director Wray also highlighted the FBI’s efforts to address compliance issues and ensure proper training of personnel.
In a separate development, the US Senate Armed Services Committee has approved the establishment of a dedicated cyber intelligence center within the Department of Defense (DOD). The center aims to better utilize service members responsible for cybersecurity and computer-based intelligence gathering. It would support US Cyber Command and could potentially be located in the Defense Intelligence Agency.
The decision to establish a separate center instead of consolidating it with Cyber Command’s headquarters at Fort Meade, MD remains unclear. However, some experts argue that a dedicated military cyber intelligence capability under Title 10 of U.S. law, which governs the armed forces, is increasingly important. The move is seen as a response to the challenges faced during the Russian invasion of Ukraine, where the traditional intelligence roles within the Defense Intelligence Agency were overwhelmed.
Overall, these developments highlight the ongoing efforts to strengthen cybersecurity and intelligence capabilities within the US government. The Biden Administration’s request for further integration of CDM into federal agencies, the scrutiny faced by the FBI’s querying practices, and the establishment of a dedicated cyber intelligence center all demonstrate the importance placed on addressing cyber threats and safeguarding national security.