CDM Training

Welcome to the Continuous Diagnostics and Mitigation (CDM) Training page. Here you will discover numerous CDM training resources available in multiple formats and media. These options are meant to enrich your learning experience and help you gain further awareness, understanding, and overall knowledge of the CDM Program. The delivery methods we offer include: In-Person, On-Demand, Virtual In-Person, Micro Learns, and Webinars.

Sign up! Receive training opportunity notices, and learn more about our online, interactive, self-paced training options, webinars, and micro-learns. Email CyberInsights@hq.dhs.gov for registration information.

Audience: Those who monitor, manage, and oversee controls on their information systems, such as ISSOs, CDM POCs, ISSMs, and others who report measurements and/or metrics.

Current State of the CDM Program

Innovation and Evolution of the CDM Dashboard

This half-hour video provides an interview with Mr. Kevin Cox on the current state of the CDM program as well as an overview of the new CDM Agency Dashboard Ecosystem. Additionally, the video provides four use case demonstrations in the CDM Agency Dashboard Ecosystem on how agencies can use the new dashboard to help manage their cybersecurity risk.

Demo
Transcript


Congressional Interest and Support for the CDM Program

This five-minute video demonstrates the interest from Congress in the CDM program from DHS. It uses testimony from Representative Gerry Connolly (VA-11), Representative John Ratcliffe (TX-4), and Mr. Kevin Cox from the CDM PMO to illustrate the value and benefit of what the CDM program is doing for Federal Agencies.
 
Video
Transcript


A Discussion with DHS Assistant Secretary Jeanette Manfra

Learn what is important when it comes to communicating cyber risk to agency decision makers and mission owners from Ms. Jeanette Manfra, Assistant Secretary of the Office of Cybersecurity and Communications (CS&C), U.S. Department of Homeland Security (DHS).

Recording
Slide Deck
Certificate of Attendance


Overview of Each CDM Dashboard Course

Introduction to Creating Queries & Reports Using the CDM Agency Dashboard (CDM102)

This course provides participants with the basic knowledge of continuous monitoring concepts. It includes four live demonstrations using the search, query, and reporting capabilities of the CDM Agency Dashboard to identify and report on vulnerabilities.

Demonstration course (2 hours) –
January 9, 2020 Recording link: https://dhsconnect.connectsolutions.com/p9926821twkc/
StepFWD LMS (hands on labs and instruction for the course) – https://stepfwd.cert.org/lms/login


Using Measurements & Metrics of Hardware & Software Assets with the CDM Agency Dashboard (CDM103)

This course presents an overview of how the dashboard provides visibility into the metrics and measurements needed for a continuous monitoring program; explains how to create queries for HW and SW assets; and introduces a framework for using data reports to inform risk-based decision-making.

Demonstration course (2 hours) –
January 28, 2020 Recording link: https://dhsconnect.connectsolutions.com/p06o73pcsp5v/
StepFWD LMS (hands on labs and instruction for the course) – https://stepfwd.cert.org/lms/login


Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan (CDM104)

This course introduces participants to CDM Agency-Wide Adaptive Risk Enumeration (AWARE).

Demonstration course (2 hours) –
December 10, 2019 Recording link: https://dhsconnect.connectsolutions.com/pg2f6o220gsi/
StepFWD LMS (hands on labs and instruction for the course) – https://stepfwd.cert.org/lms/login


CDM Agency Dashboard Asset Discovery Bootcamp (CDM110)

This in-person course incorporates the first three CDM Agency Dashboard training courses into one two-day event and allows additional time for hands-on exercises and questions. The class includes all content from

  • Introduction to Creating Queries & Reports;
  • Using Measurement & Metrics of Hardware & Software Assets; and
  • Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan.

Identity and Access Management Capabilities within the CDM Agency Dashboard (CDM201)

This course introduces participants to the four management capabilities of the CDM Agency Dashboard: PRIV, CRED, TRUST, and BEHAVE. Discussion focuses on:

  1. the foundational knowledge needed to prepare your agency to use the CDM Agency Dashboard to reduce risks associated with identity privileges and credentials;
  2. an overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information; and
  3. strategies for integrating the PRIV/CRED/TRUST/BEHAVE capabilities of the CDM Agency Dashboard into routine processes and workflows to drive increased risk awareness and mitigation.

Demonstration course (2 hours) –
December 12, 2019 Recording link: https://dhsconnect.connectsolutions.com/pqkncsr3q15h/


Virtual Learning Environments

STEPfwd Virtual Training Environment

STEPfwd is an interactive learning platform that allows Government employees and contractors to follow self-paced trainings using a virtual CDM Agency Dashboard instance. This on-demand format provides 24x7 access to content videos, a sandbox with step-by-step lab activities to follow, and lab review videos that allow you to verify lab steps and check the accuracy of completed questions. If you would like to sign up for a STEPfwd account, send an email request to stepfwd-cdm@cert.org.

StepFWD LMS (hands-on labs and instruction): https://stepfwd.cert.org/lms/login

Getting Your STEPfwd Account: 
If you have questions or issues with getting your STEPfwd account, this video will walk you through this process. https://dhsconnect.connectsolutions.com/pnbnz5ccvswu/

Your First STEPfwd Logon: 
This video describes the process of logging onto STEPfwd and enrolling in courses. It also describes the CDM Dashboard content available to view. https://dhsconnect.connectsolutions.com/p7416aal6hq5/

My Dashboard – this video describes the features of the student landing page within STEPfwd, My Dashboard. It also describes how to find and enroll in courses. https://dhsconnect.connectsolutions.com/pwwh35hmexwa/

Starting a Lab – this video reviews the steps to open a lab environment, start a virtual machine, and then start the CDM Agency Dashboard within that environment. https://dhsconnect.connectsolutions.com/p6i9b6dcysr2/

Completing a Knowledge Check – once you’ve completed a lab activity, there are knowledge check questions users must complete in order to get credit for completing the course. This video identifies where the Knowledge Checks are located and how to maneuver between the screens. https://dhsconnect.connectsolutions.com/pr1l1sju94i0/


Federal Virtual Training Environment

The Federal Virtual Training Environment (FedVTE) CDM Training Program is a library of online video vignettes for Government employees and contractors. https://fedvte.usalearning.gov/


AWARE (Agency-Wide Adaptive Risk Enumeration)

Let's Talk About ... AWARE

In this 17-minute episode, David Otto, a Risk Management Subject Matter Expert with the Continuous Diagnostics & Mitigation (CDM) Program, talks about how agencies can optimize the use of Agency-Wide Adaptive Risk Enumeration (AWARE) – an algorithm tied into the CDM Federal Dashboard that helps agencies measure risk. During an interview by Mr. Jim Wiggins, Mr. Otto explains what AWARE is, what it does, and how agencies can use AWARE to improve their risk management decisions. Other topics include how agencies can interpret and socialize their AWARE results and how AWARE and the Risk Management Framework complement each other to mitigate risk.

Video
Transcript


CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Overview

In this webinar, Dave Otto (CDM Program Office, AWARE Lead) presents an overview and discussion on the Agency-Wide Adaptive Risk Enumeration (AWARE) scoring algorithm and how it can be used to inform decision-making in the management of cyber risk. The recording is divided into three parts, due to its large media file size.

• Part 1 Video
• Part 2 Video
• Part 3 Video
Presentation Slide Deck


Learn How CDM’s AWARE Scoring Can Help You Reduce Cyber Risk

Learn how AWARE works, and how it can be used to reduce risks across the federal enterprise. Mr. Dave Otto, CDM Program Management Office, presents a one-hour webinar on AWARE, providing an overview of the scoring methodology behind AWARE, and what you need to do to improve your agency’s score. He also offers insights on how AWARE could evolve as agencies gain more experience with CDM to support information security continuous monitoring policies.

Recording
Slide Deck
Certificate of Attendance


Information Security Continuous Monitoring (ISCM) Technical Assistance Workshop

ISCM E-Learning Module

The Information Security Continuous Monitoring (ISCM) Technical Assistance Workshop will provide introductory information on the importance of building an ISCM strategy, how ISCM integrates with an organization’s Enterprise Risk Management (ERM) strategy, and ISCM program management and execution.

Recording
Slide Deck
Certificate of Attendance

Supporting documents:


Let's Talk About... Series

Let's Talk About ... AWARE

In this 17-minute episode, David Otto, a Risk Management Subject Matter Expert with the Continuous Diagnostics & Mitigation (CDM) Program, talks about how agencies can optimize the use of Agency-Wide Adaptive Risk Enumeration (AWARE) – an algorithm tied into the CDM Federal Dashboard that helps agencies measure risk. During an interview by Mr. Jim Wiggins, Mr. Otto explains what AWARE is, what it does, and how agencies can use AWARE to improve their risk management decisions. Other topics include how agencies can interpret and socialize their AWARE results and how AWARE and the Risk Management Framework complement each other to mitigate risk.

Video
Transcript


Ransomware

Using the CDM Agency Dashboard to Combat WannaCry Ransomware

This 15-minute video explains how a Federal Agency can use the CDM Agency Dashboard to identify and mitigate system vulnerabilities that are exploited by the WannaCry ransomware. The video demonstrates tasks that can be carried out in the CDM Agency Dashboard to manage risks to agency systems and information that this threat might otherwise take advantage of.

Video
Transcript


Vulnerability Management Using Drupal

This 10-minute video describes how the CDM program can be used to identify and remediate cybersecurity risks through vulnerability management, using the example of Drupal Security Alerts.

Video


Securing High Value Assets Series (15-20-minute recordings) for Management

The FY19 Improving Agencies' Cyber Readiness micro learn series covers the top six risks identified in the “Securing High Value Assets” white paper published in July 2018. In this part, we discuss the topic of Patch Management as it relates to High Value Assets, also known as HVAs. This is one of a series of micro learns that present leading practices that DHS has identified in the operations and maintenance of HVAs.

 

Patch Management (1 of 6)

Topics covered: What is a High Value Asset? Why is this Patch Management finding important? What types of challenges do organizations face with Patch Management? What steps should your organization take to respond to this finding?

Video


Enterprise Risk Management (2 of 6)

Topics covered: What is ERM? What is a High Value Asset? Why does ERM matter to HVAs? What does ERM mean to HVAs? How should Federal agencies plan to address this finding?

Video


Malware Defense (3 of 6)

Topics covered: What is Malware? Why does it matter? What does this mean to you? What is a High Value Asset (HVA)? What issues did DHS find? Protecting HVAs.

Video


Webinar Series

The Webinar series is a sequence of interactive, online discussions intended for federal civilian agencies. The series aims to increase agencies’ understanding of cybersecurity organizational best practices, risk management concepts, and mission impact relative to the CDM Program.

The theme for FY19 focused on Improving Agencies' Cyber Readiness across the federal landscape. FY20 builds on that foundation and focuses on increasing cyber-readiness across the federal enterprise through proactive planning and decision-making. Specifically, FY20 webinars will provide operational insights and practices, then link them to the CDM Program and agency implementation of CDM capabilities. In addition, the webinars will include lessons to help agencies link operational cybersecurity with mission impacts and risk mitigation. 

 

How Identity, Credential, and Access Management (ICAM) Protects Your Agencies’ Assets

Learn about the importance of ICAM in the context of the CDM Program and the “life cycle” of agencies’ employees as they join, move in, then leave an organization. Mr. Ross Foard, Cybersecurity and Infrastructure Security Agency (CISA), CDM Program Management Office, and Mr. Aaron Fiebelkorn, CISA, Cybersecurity Division, present a one-hour webinar on ICAM. They discuss the credential management issues that arise during CDM Phase 2, how ICAM factors into cloud computing, and the zero-trust approach to access control.

Recording
Slide Deck
Certificate of Attendance


How Data Consistency Impacts CDM

Learn more about how data consistency impacts CDM from Mr. Rick McMaster, CDM Program Management Office. This webinar includes open discussions with attendees to better understand challenges and lessons learned.

Recording
Slide Deck
Certificate of Attendance


CDM Agency Dashboard: The CONOPS and Beyond

Learn about the Concept of Operations (CONOPS) for the Agency CDM Dashboard. Mr. Willie Crenshaw, Program Executive for CDM, National Aeronautics and Space Administration (NASA), and Mr. Mark Singer, Guidance and Planning Team Lead for Cybersecurity Governance, Federal Network Resilience Division, review the highlights of the CDM Agency Dashboard CONOPS, what features are included through CDM Release 6, and how agencies can take full advantage of Release 6 features.

Recording
Slide Deck
Certificate of Attendance


Learn How CDM’s AWARE Scoring Can Help You Reduce Cyber Risk

Learn how AWARE works, and how it can be used to reduce risks across the federal enterprise. Mr. Dave Otto, CDM Program Management Office, presents a one-hour webinar on AWARE, providing an overview of the scoring methodology behind AWARE, and what you need to do to improve your agency’s score. He also offers insights on how AWARE could evolve as agencies gain more experience with CDM to support information security continuous monitoring policies.

Recording
Slide Deck
Certificate of Attendance


Past Events

Introduction to Identity and Access Management

This course introduces participants to the four management capabilities of the CDM Agency Dashboard: PRIV, CRED, TRUST, and BEHAVE. Discussion focuses on: (1) the foundational knowledge needed to prepare your agency to use the CDM Agency Dashboard to reduce risks associated with identity privileges and credentials; (2) an overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information; and (3) strategies for integrating the PRIV/CRED/TRUST/BEHAVE capabilities of the CDM Agency Dashboard into routine processes and workflows to drive increased risk awareness and mitigation.

Virtual/Online Demonstration – Please refer to the Overview of Each CDM Dashboard Course section above to view course content.

Email CyberInsights@hq.dhs.gov to register for future courses.


Using Measurements for Hardware & Software Assets Using the Agency Dashboard

Are you ready to discover if your agency's hardware assets are associated with a FISMA system? Are you ready to use the CDM Agency Dashboard to easily find legacy software? Learn how to use the CDM Agency Dashboard to create queries specific to finding measurements for hardware and software assets. You will learn to build and run a query (search) to identify the hardware devices not associated with a FISMA container – a hardware device not associated with an authorized FISMA container is an unauthorized device on the network. You will also learn to create a query for finding legacy software on the network – legacy software can be an unauthorized software asset on the network.

Virtual/Online Demonstration – Please refer to the Overview of Each CDM Dashboard Course section above to view course content.

Email CyberInsights@hq.dhs.gov to register for future courses.


Identity & Access Management Capabilities within the CDM Agency Dashboard course

Virtual/Online Demonstration – Please refer to the Overview of Each CDM Dashboard Course section above to view course content.

Email CyberInsights@hq.dhs.gov to register for future courses.


Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan

Do you want to learn how to use the CDM Agency Dashboard and the Agency-Wide Adaptive Risk Enumeration (AWARE) scoring? Do you want to understand your agency’s exposure to vulnerabilities, to determine which vulnerabilities are critical and thus need prioritized mitigation actions, and how to track, manage, and report mitigation progress?  

This course will provide you with an introduction to the following CDM AWARE topics:
• Foundational knowledge needed to prepare your agency to use the CDM Dashboard AWARE risk algorithm effectively.
• Overview of the CDM AWARE methodology.
• How to use AWARE to prioritize mitigation activities to fix the most vulnerable assets first.

Virtual/Online Demonstration – Please refer to the Overview of Each CDM Dashboard Course section above to view course content.

Email CyberInsights@hq.dhs.gov to register for future courses.


Introduction to Creating Queries and Reports Using the Agency Dashboard

Need to learn the basic CDM Agency Dashboard interface? Need to learn how to create custom queries? Then this course is for you.

During either the in-person or online course, you will explore the Agency Dashboard Standard Operating View (SOV) and iViews; learn how to create a custom query; and save a customized query as a report.

The goal of this foundational training is to develop awareness, knowledge, and skills in a key operational piece of the continuous monitoring solution: the CDM Agency Dashboard.

Virtual/Online Demonstration – Please refer to the Overview of Each CDM Dashboard Course section above to view course content.

Email CyberInsights@hq.dhs.gov to register for future courses.