CDM Training

Welcome to the Continuous Diagnostics and Mitigation (CDM) Training Program instructor-led and online learning activities page. Here you will find resources to help develop knowledge and understanding about the CDM Program. The resources available on this page are:

On this page:
Past Events
Online Learning  

Microlearning Assets

Congressional Interest and Support for the Continuous Diagnostics and Mitigation (CDM) Program

This 5-minute video demonstrates the interest from Congress in the CDM program from DHS.  It uses testimony from Representative Gerry Connolly from Virginia's 11th congressional district, Representative John Ratcliffe from Texas's 4th congressional district and Mr. Kevin Cox from the CDM PMO to illustrate the value and benefit of what the CDM program is doing for Federal Agencies.
 
Please note that the video may take 10 to 15 minutes to load and play on Government Furnished Equipment (GFE).
 
Presentation Video
Presentation Transcript

Using the Continuous Diagnostics and Mitigation Dashboard to Combat WannaCry Ransomware

This 15-minute video explains how a Federal Agency can use the CDM dashboard to identify and mitigation system vulnerabilities that are exploited by the WannaCry Ransomware malware.  The video demonstrates tasks that can be carried out in the CDM agency dashboard to manage risks to agency systems and information that might be otherwise taken advantage of by this negative threat.
 
Please note that the video may take 10 to 15 minutes to load and play on Government Furnished Equipment (GFE).

Presentation Video
Presentation Transcript

Vulnerability Management Microlearn Using Drupal

The National Protections and Programs Directorate presents a 10 minute Microlearn on how the CDM program can be used to identify and remediate cybersecurity risks through vulnerability management using Drupal Security Alerts as an example.

Please note that the video may take 10 to 15 minutes to load and play on Government Furnished Equipment (GFE).
 
Presentation Video

Improving Agencies' Cyber Readiness: Patch Management (Episode 1 of 6 in the HVA micro Learn series)

The FY19 Improving Agencies' Cyber Readiness mirco learn series covers the top six risks identified in the “Securing High Value Assets” white paper published in July of 2018. In this segment, we discuss the topic of Patch Management as it relates to High Value Assets, also known as HVAs. This is one of several micro learns being released to cover leading practices that DHS has identified in the operations and maintenance of HVAs. We cover: What is a High Value Asset? Why is this Patch Management finding important? What types of challenges do organizations face with Patch Management? What steps should your organization take to respond to this finding?

Presentation Video

Improving Agencies' Cyber Readiness: Enterprise Risk Management (2 of 6 in the series)

The Improving Agencies' Cyber Readiness microlearn series covers the top six risks identified in the “Securing High Value Assets” white paper published in July of 2018. In this segment the topic of Enterprise Risk Management as it relates to High Value Assets, also known as HVAs is discussed. This is one of several assets which are being released to cover leading practices that DHS has identified in the operations and maintenance of HVAs.  Topics covered are: What is ERM? What is a High Value Asset? Why does ERM matter to HVAs? What does ERM mean to HVAs? How should Federal agencies plan to address this finding?

Presentation Video

On-Demand Webinars

Introduction to Creating Queries & Reports Using the Agency Dashboard

Need to learn the basic CDM Agency Dashboard interface? Need to learn how to create custom queries? Then this on demand webinar is for you. During this webinar, you will explore the Agency Dashboard Standard Operating View (SOV) and iViews; learn how to create a custom query; and save a customized query as a report.
The goal of this foundational training webinar is to develop awareness, knowledge, and skills in a key operational piece of the continuous monitoring solution: the CDM Agency Dashboard.

Webinar Video
Course Guide
Certificate of Attendance

Creating Measurements & Metrics for Hardware & Software Assets Using the Agency Dashboard

Are you ready to discover if your agencies hardware assets are associated with a FISMA system? Are you ready to use the CDM Agency Dashboard to easily find legacy software?  Learn how to use the CDM Agency Dashboard to create queries specific to finding measurements for hardware and software assets. You will learn to build and run a query (search) to identify the hardware devices not associated to a FISMA container– hardware devices not associated with an authorized FISMA container is an unauthorized device on the network. You will also learn to create a query for finding legacy software on the network – legacy software can be an unauthorized software asset on the network.

Webinar Video
Course Guide
Certificate of Attendance

Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan

Learn how to use the Continuous Diagnostics and Mitigation (CDM) dashboard and the Agency-Wide Adaptive Risk Enumeration (AWARE) scoring to understand your agencies exposure to vulnerabilities, to determine which vulnerabilities are critical and thus need prioritized mitigation actions, and how to track, manage, and report mitigation progress.

This session will provide participants with an introduction to the following CDM AWARE topics:

  1. Foundational knowledge needed to prepare your agency to use the CDM Dashboard AWARE risk algorithm effectively.
  2. Overview of the CDM AWARE methodology.
  3. How to use AWARE to prioritize mitigation activities to fix the most vulnerable assets first.

Video
Webinar Presentation Slide Deck

CDM Aware Overview - Webinar Videos:

•    Part 1 Video, Presentation Slide Deck
•    Part 2 Video
•    Part 3 Video

ISCM E-Learning Module

The Information Security Continuous Monitoring (ISCM) Technical Assistance Workshop will provide introductory information on the importance of building an ISCM strategy, how ISCM integrates with an organization’s Enterprise Risk Management (ERM) strategy, and ISCM program management and execution.

Webinar Video
Presentation Slide Deck
Certificate of Attendance

Supporting documents:

Past Events

  • Improving Agencies' Cyber Readiness: How Identity, Credential, and Access Management (ICAM) Protects Your Agencies’ Assets
    Tuesday, June 25, 2019
    12:00 pm EDT to 1:00 pm EDT

    Join us on Tuesday, June 25, 2019, to learn about the importance of ICAM in the context of the Continuous Diagnostics & Mitigation (CDM) Program and the “life cycle” of agencies’ employees as they join an organization, move in an organization and leave an organization. Mr. Ross Foard of the Department of Homeland Security’s CDM Program Management Office (CDM PMO) and co-speaker, Mr. Aaron Fiebelkorn of the Department of Homeland Security’s Federal Network Resilience (FNR) Division will present a one-hour webinar on ICAM. They will also discuss the credential management issues that arose during CDM Phase 2, how ICAM factors into cloud computing and the zero-trust approach to access control.

    Webinar Recording
    Webinar Presentation Slide Deck
    Certificate of Attendance
     

  • Improving Agencies' Cyber Readiness: How Data Consistency Impacts CDM
    Tuesday, April 30, 2019
    12:00 pm EDT to 1:00 pm EDT

    Learn more about how data consistency impacts CDM from Rick McMaster (CDM Program Management Office). During this webinar, open discussions were encouraged for attendees to better understand challenges and lessons learned.

    Webinar Recording
    Webinar Presentation Slide Deck
    Certificate of Attendance

  • CDM Agency Dashboard: The CONOPS and Beyond
    Tuesday, November 27, 2018
    12:00 pm EST to 1:00 pm EST

    The Concept of Operations (CONOPS) for the Continuous Diagnostics and Mitigation (CDM) Agency Dashboard is coming! Willie Crenshaw, Program Executive for CDM at the National Aeronautics and Space Administration (NASA) and Mark Singer, Guidance and Planning Team Lead for Cybersecurity Governance in the Federal Network Resilience Division, walked through the highlights of the CDM Agency Dashboard CONOPS, what features are included through CDM Release 6, and how agencies can take full advantage of Release 6 features.

    Webinar Video
    Webinar Presentation Slide Deck
    Certificate of Attendance

  • Communicating Cyber Risk to Agency Decision Makers and Mission Owners: A Discussion with DHS Assistant Secretary Jeanette Manfra
    Tuesday, October 30, 2018
    12:00 pm EDT to 1:00 pm EDT

    Learn what is important when it comes to communicating cyber risk to agency decision makers and mission owners from Jeanette Manfra, Assistant Secretary of the Office of Cybersecurity and Communications (CS&C) at the U.S. Department of Homeland Security (DHS).

    Webinar Recording
    Webinar Presentation Slide Deck
    Certificate of Attendance

  • Make Your Federal Risk Indicator Score Drop Like the Fall Leaves: Learn How CDM’s AWARE Scoring Can Help You Reduce Cyber Risk
    Tuesday, September 25, 2018
    12:00 pm EDT to 1:00 pm EDT

    Learn how AWARE works and how it can be used to reduce risks across the federal enterprise. Mr. Dave Otto (FNR) will present a one-hour webinar on AWARE, providing an overview of the scoring methodology behind AWARE and what you need to do to improve your agency’s score. He will also offer insights on how AWARE could evolve as agencies gain more experience with CDM to support information security continuous monitoring policies.

    Webinar Link
    Webinar Presentation Slide Deck
    Certificate of Attendance

Upcoming Events

There are no Upcoming events currently.

Online Learning

The CDM Training Program has developed a library of online video vignettes, which allow the learner the ability to develop knowledge around key CDM concepts. Please visit the following websites to register for an account and access the video vignette content:
Government employess + contractors – FedVTE 
Non-government personnel – StepFWD 

Back to top