OTHER

Agency-Wide Adaptive Risk Enumeration (AWARE)

AWARE: Measuring Cybersecurity Performance

Addressing the Worst Problems First

Agency-Wide Adaptive Risk Enumeration (AWARE) is CDM’s risk-scoring methodology. It provides participating agencies with enhanced situational awareness of cyber risk and enables timely remediation of threats and vulnerabilities while addressing the worst problems first.

AWARE addresses a mix of factors affecting cybersecurity, including vulnerability type, how long the vulnerability existed, and where the vulnerability occurs.

Currently, AWARE measures each agency’s overall cybersecurity posture. As AWARE matures, the CDM Program will develop a system-level approach, exploring how each system within the agency is doing, the FISMA level, and how agencies are performing with a variety of activities such as multifactor authentication and threat intelligence.

Agency-Wide Adaptive Risk Enumeration (AWARE)

Addressing the Worst Problems First

Resource Materials

Tags

CDM Data Model Document 4.1.1

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

Understanding and Responding to Distributed Denial-Of-Service Attacks

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders

Agency-Wide Adaptive Risk Enumeration (AWARE)

Addressing the Worst Problems First

Resource Materials

Tags

Related Resources

CDM Data Model Document 4.1.1

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

Understanding and Responding to Distributed Denial-Of-Service Attacks

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders