Continuous Diagnostics and Mitigation Training


Welcome to the Continuous Diagnostics and Mitigation (CDM) Training page. Here you will discover numerous CDM training resources available in multiple formats and media. These options are meant to enrich your learning experience and help you gain further awareness, understanding, and overall knowledge of the CDM Program. The delivery methods we offer include: In-Person, On-Demand, Virtual In-Person, Micro Learns, and Webinars.

Sign up! Receive training opportunity notices, and learn more about our online, interactive, self-paced training options, webinars, and micro-learns. Email CyberInsights@cisa.dhs.gov for registration information.

Audience: Those who monitor, manage, and oversee controls on their information systems, such as ISSOs, CDM POCs, ISSMs, and others who report measurements and/or metrics.

How To Register For Training

Register for all upcoming featured events, webinars for CDM training sessions. 

Current State of the CDM Program

Innovation and Evolution of the CDM Dashboard

This half-hour video provides an interview with Mr. Kevin Cox on the current state of the CDM program as well as an overview of the new CDM Agency Dashboard Ecosystem. Additionally, the video provides four use case demonstrations in the CDM Agency Dashboard Ecosystem on how agencies can use the new dashboard to help manage their cybersecurity risk.

Innovation and Evolution of the CDM Dashboard Demo  

Innovation and Evolution of the CDM Dashboard Transcript

Congressional Interest and Support for the CDM Program

This five-minute video demonstrates the interest from Congress in the CDM program from DHS. It uses testimony from Representative Gerry Connolly (VA-11), Representative John Ratcliffe (TX-4), and Mr. Kevin Cox from the CDM PMO to illustrate the value and benefit of what the CDM program is doing for Federal Agencies.

Congressional Interest and Support for the CDM Program Video

Congressional Interest and Support for the CDM Program Transcript

Overview of Each CDM Dashboard Course

CDM Agency Dashboard Micro-Learn Videos

These short videos (3-10 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for our in-person training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

You will need a FedVTE account to access the videos. To request an account, go to https://fedvte.usalearning.gov/register.php

CDM 111: Analyzing Cyber Risk with the NEW CDM Agency Dashboard (2-day event):

CDM 141: Introduction to the NEW CDM Agency Dashboard (2 hour event):

CDM 142: Asset Management with the NEW CDM Agency Dashboard (2 hour event):

CDM 201: Identity and Access Management Capabilities within the CDM Agency Dashboard (2 hour event):

This course introduces participants to the four management capabilities of the CDM Agency Dashboard: PRIV, CRED, TRUST, and BEHAVE. Discussion focuses on:

  1. the foundational knowledge needed to prepare your agency to use the CDM Agency Dashboard to reduce risks associated with identity privileges and credentials;
  2. an overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information; and
  3. strategies for integrating the PRIV/CRED/TRUST/BEHAVE capabilities of the CDM Agency Dashboard into routine processes and workflows to drive increased risk awareness and mitigation.

Virtual Learning Training Environment

The Federal Virtual Training Environment (FedVTE) CDM Training Program is a library of online video vignettes for Government employees and contractors. https://fedvte.usalearning.gov/

AWARE (Agency-Wide Adaptive Risk Enumeration)

Let's Talk About ... AWARE

In this 17-minute episode, David Otto, a Risk Management Subject Matter Expert with the Continuous Diagnostics & Mitigation (CDM) Program, talks about how agencies can optimize the use of Agency-Wide Adaptive Risk Enumeration (AWARE) – an algorithm tied into the CDM Federal Dashboard that helps agencies measure risk. During an interview, by Mr. Jim Wiggins, Mr. Otto explains what AWARE is, what it does, and how agencies can use AWARE to improve their risk management decisions. Other topics include how agencies can interpret and socialize their AWARE results and how AWARE and the Risk Management Framework complement each other to mitigate risk.

Let's Talk About...AWARE Video

Let's Talk About...AWARE Transcript

CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Overview

In this webinar, Dave Otto (CDM Program Office, AWARE Lead) presents an overview and discussion on the Agency-Wide Adaptive Risk Enumeration (AWARE) scoring algorithm and how it can be used to inform decision-making in the management of cyber risk. The recording is divided into three parts, due to its large media file size.

Learn How CDM’s AWARE Scoring Can Help You Reduce Cyber Risk

Learn how AWARE works, and how it can be used to reduce risks across the federal enterprise. Mr. Dave Otto, CDM Program Management Office presents a one-hour webinar on AWARE, providing an overview of the scoring methodology behind AWARE, and what you need to do to improve your agency’s score. He also offers insights on how AWARE could evolve as agencies gain more experience with CDM to support information security continuous monitoring policies.

Learn How CDM's AWARE Scoring Can Help You Reduce Cyber Risk Recording
Learn How CDM's AWARE Scoring Can Help You Reduce Cyber Risk Slide Deck
Learn How CDM's AWARE Scoring Can Help You Reduce Cyber Risk Certificate of Attendance

ISCM Technical Assistance Workshop

ISCM E-Learning Module

The Information Security Continuous Monitoring (ISCM) Technical Assistance Workshop will provide introductory information on the importance of building an ISCM strategy, how ISCM integrates with an organization’s Enterprise Risk Management (ERM) strategy, and ISCM program management and execution.

ISCM E-Learning Module Recording
ISCM E-Learning Module Slide Deck
ISCM E-Learning Module Certificate of Attendance

Supporting documents:

Ransomware

Using the CDM Agency Dashboard to Combat WannaCry Ransomware

This 15-minute video explains how a Federal Agency can use the CDM Agency dashboard to identify and mitigate system vulnerabilities that are exploited by the WannaCry Ransomware malware. The video demonstrates tasks that can be carried out in the CDM Agency dashboard to manage risks to agency systems and information that might be otherwise taken advantage of by this negative threat.

Using the CDM Agency Dashboard to Combat WannaCry Ransomware Video
Using the CDM Agency Dashboard to Combat WannaCry Ransomware Transcript

Vulnerability Management Using Drupal

The 10-minute video describes how the CDM program can be used to identify and remediate cybersecurity risks through vulnerability management using the example of Drupal Security Alerts.

Vulnerability Management Using Drupal Video

How to Address the Threat of Ransomware Attacks

Topics covered: What is Ransomware? How it works? What are the signs of infection? What can you do?

How to Address the Threat of Ransomware Attacks Video

Securing High Value Assets Series 

The FY19 Improving Agencies' Cyber Readiness micro learn series covers the top six risks identified in the “Securing High Value Assets” white paper published in July 2018. In this part, we discuss the topic of Patch Management as it relates to High Value Assets, also known as HVAs. This is one of a series of micro learns that present leading practices that DHS has identified in the operations and maintenance of HVAs.

Patch Management (1 of 5)

Topics covered: What is a High Value Asset? Why is this Patch Management finding important? What types of challenges do organizations face with Patch Management? What steps should your organization take to respond to this finding?

Patch Management Video

Enterprise Risk Management (2 of 5)

Topics covered: What is ERM? What is a High Value Asset? Why does ERM matter to HVAs? What does ERM mean to HVAs? How should Federal agencies plan to address this finding?

Enterprise Risk Management Video

Malware Defense (3 of 5)

Topics covered: What is Malware? Why does it matter? What this means to You.  What is a High Value Asset (HVA). What Issues did DHS find? Protecting HVAs.

Malware Defense Video

Ransomware (4 of 5)

How to Address the Threat of Ransomware Attacks

Topics covered:  What is Ransomware? How it works? What are the signs of infection? What can you do?

Ransomware Video

Authentication (5 of 5)

Topics covered:  Why does HVA authentication matter? What does it mean to you? How can you protect your organization?

Authentication Video

Webinar Series

The Webinar series is a sequence of interactive, online discussions intended for federal civilian agencies. The series aims to increase agencies’ understanding of cybersecurity organizational best practices, risk management concepts, and mission impact relative to the CDM Program.

The theme for FY19 focused on Improving Agencies' Cyber Readiness across the federal landscape. FY20 builds on that foundation and focuses on increasing cyber-readiness across the federal enterprise through proactive planning and decision-making. Specifically, FY20 webinars will provide operational insights and practices, then link them to the CDM Program and agency implementation of CDM capabilities. In addition, the webinars will include lessons to help agencies link operational cybersecurity with mission impacts and risk mitigation. 

How Identity, Credential, and Access Management (ICAM) Protects Your Agencies’ Assets

Learn about the importance of ICAM in the context of the CDM Program and the “life cycle” of agencies’ employees as they join, move in, then leave an organization. Mr. Ross Foard, Cybersecurity and Infrastructure Security Agency (CISA), CDM Program Management Office, and Mr. Aaron Fiebelkorn, CISA, Cybersecurity Division, present a one-hour webinar on ICAM. They discuss the credential management issues that arise during CDM Phase 2, how ICAM factors into cloud computing, and the zero-trust approach to access control.

ICAM Recording
ICAM Slide Deck
ICAM Certificate of Attendance

How Data Consistency Impacts CDM

Learn more about how data consistency impacts CDM from Mr. Rick McMaster, CDM Program Management Office. This webinar includes open discussions with attendees to better understand challenges and lessons learned.

Data Consistency Recording
Data Consistency Slide Deck
Data Consistency Certificate of Attendance

CDM Agency Dashboard: The CONOPS and Beyond

Learn about the Concept of Operations (CONOPS) for the Agency CDM Dashboard. Mr. Willie Crenshaw, Program Executive for CDM, National Aeronautics and Space Administration (NASA), and Mr. Mark Singer, Guidance and Planning Team Lead for Cybersecurity Governance, Federal Network Resilience Division, review the highlights of the CDM Agency Dashboard CONOPS, what features are included through CDM Release 6, and how agencies can take full advantage of Release 6 features.

CONOPS and Beyond Recording
CONOPS and Beyond Slide Deck
CONOPS and Beyond Certificate of Attendance

Learn How CDM’s AWARE Scoring Can Help You Reduce Cyber Risk

Learn how AWARE works, and how it can be used to reduce risks across the federal enterprise. Mr. Dave Otto, CDM Program Management Office presents a one-hour webinar on AWARE, providing an overview of the scoring methodology behind AWARE, and what you need to do to improve your agency’s score. He also offers insights on how AWARE could evolve as agencies gain more experience with CDM to support information security continuous monitoring policies.

Reduce Cyber Risk Recording
Reduce Cyber Risk Slide Deck
Reduce Cyber Risk Recording Certificate of Attendance

Past Events

LEGACY Introduction to Creating Queries & Reports Using the CDM Agency Dashboard (CDM102)

This course provides participants with the basic knowledge of continuous monitoring concepts. It includes four live demonstrations using the search, query, and reporting capabilities of the CDM Agency Dashboard to identify and report on vulnerabilities.

Demonstration course (2 hours) –
March 13, 2020 Recording link: https://dhsconnect.connectsolutions.com/pntxhot6j1hq/

LEGACY Using Measurements & Metrics of Hardware & Software Assets with the CDM Agency Dashboard (CDM103)

This course presents an overview of how the dashboard provides visibility into the metrics and measurements needed for a continuous monitoring program; explains how to create queries for HW and SW assets; and introduces a framework for using data reports to inform risk-based decision-making.

Demonstration course (2 hours)
April 9, 2020 Recording link: https://dhsconnect.connectsolutions.com/p40jgn4vpuow/

LEGACY Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan (CDM104)

This course introduces participants to CDM Agency-Wide Adaptive Risk Enumeration (AWARE).

Demonstration course (2 hours) –
April 28, 2020 Recording link: https://dhsconnect.connectsolutions.com/px4zy3c4yopg/

LEGACY CDM Agency Dashboard Asset Discovery Bootcamp (CDM110)

This in-person course incorporates the first three CDM Agency Dashboard training courses into one two-day event and allows additional time for hands-on exercises and questions. The class includes all content from

  • Introduction to Creating Queries & Reports;

  • Using Measurement & Metrics of Hardware & Software Assets; and

  • Using the CDM Agency Dashboard to Drive Your Vulnerability Management Work Plan.

Privacy Act Statement

Authority: 5 U.S.C. § 301 and 44 U.S.C. § 3101 authorize the collection of this information.

Purpose: The information on this website is intended for government cybersecurity professionals who are participating in the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program and for cybersecurity professionals who would like more information on implementing a continuous monitoring program. The primary purpose for the collection of this information is to allow the DHS to contact you about your registration using an approved version of Adobe Connect for the DHS CDM training program.

Routine Uses: The information collected may be disclosed as generally permitted under 5 U.S.C. § 552a(b) of the Privacy Act of 1974, as amended. This includes using the information as necessary and authorized by the routine uses published in DHS/ALL-002 - Department of Homeland Security (DHS) Mailing and Other Lists System November 25, 2008, 73 FR 71659.

Disclosure: Providing this information is voluntary. However, failure to provide this information will prevent DHS from contacting you in the event there are queries about your request or registration.

Was this document helpful?  Yes  |  Somewhat  |  No