Security Operations
Overview
Security Operations at CMS is focused on identifying and responding to cyber threats or incidents, while helping CMS teams follow best practices in continuous monitoring, risk management, and cybersecurity.
The CMS Cybersecurity Integration Center (CCIC) and Security Operations Center (SOC) offer a variety of services and assessments to help your team comply with federal information security standards and make risk-based decisions to protect sensitive information.
All resources in Security Operations
General Information
Policies and Handbooks
Latest articles and updates
- 8/18/2025ArticlesFrom Zero Trust
Privileged Access Management (PAM) at CMS
Least-privilege is critical to securely managing privileged access to data. CMS ADOs should manage privileged access (PAM) for humans and non-humans.
- 8/15/2025ArticlesFrom Training and Awareness
Smart security with AI-driven Splunk
Improving CMS cybersecurity and enhancing SIEM performance with artificial intelligence
- 7/16/2025ArticlesFrom Zero Trust
Using Zero Trust Identity principles to ensure security for AI-based services
Learn how best practices of the ZT Identity pillar hold the key to working securely with AI agents, and what steps your team can take to be prepared.