Security Operations

Quick Access

Overview

Security Operations at CMS is focused on identifying and responding to cyber threats or incidents, while helping CMS teams follow best practices in continuous monitoring, risk management, and cybersecurity.

The CMS Cybersecurity Integration Center (CCIC) and Security Operations Center (SOC) offer a variety of services and assessments to help your team comply with federal information security standards and make risk-based decisions to protect sensitive information.

All resources in Security Operations

General Information

Breach Response

Policies and Handbooks

Tools and Services

Latest articles and updates

8/20/2025
UpdatesFrom Zero Trust
Bridging the Gap: Introducing the CMS Zero Trust Forge
An introduction to a new tool to scope granular, least privilege Kion Cloud AWS IAM Policies and Roles
8/18/2025
ArticlesFrom Zero Trust
Privileged Access Management (PAM) at CMS
Least-privilege is critical to securely managing privileged access to data. CMS ADOs should manage privileged access (PAM) for humans and non-humans.
8/15/2025
ArticlesFrom Training and Awareness
Smart security with AI-driven Splunk
Improving CMS cybersecurity and enhancing SIEM performance with artificial intelligence

Visit the blog to see more articles and posts.

Authorization to Operate (ATO)

Ongoing Authorization (OA)

Assessments & Audits

CMS Policies and Guidance

Federal Policies and Guidance

Application Security

Security Operations

Risk Management and Reporting

Agreements

Privacy Activities

Privacy Resources

Reporting & Compliance

System Security

Tests & Assessments

Security Operations

Quick Access

Overview

All resources in Security Operations

General Information

Policies and Handbooks

Tools and Services

Latest articles and updates

Bridging the Gap: Introducing the CMS Zero Trust Forge

Privileged Access Management (PAM) at CMS

Smart security with AI-driven Splunk