Page 24 - CARAHSOFT, September/October 2021
P. 24

The Ongoing Quest for Cybersecurity
Executive Viewpoint
A conversation with
Chief of the Cybersecurity Collaboration Center, National Security Agency
This conversation is adapted from a presentation at an FCW event.
Proactive partnerships to protect critical systems
The Cybersecurity Collaboration Center came together with a clear vision: to develop robust, open and collaborative relationships with industry, government and academia to prevent and eradicate threats to national security systems (NSS), the Defense Department and the defense industrial base (DIB).
The center was created for the express purpose of enabling NSA to work
with those sectors in an unclassified environment. Think about that: I just said
“NSA” and “an unclassified environment” in the same sentence. This is huge for us. This is evolving our mission, and we know it’s something we must do in order to be
at the forefront of enabling the critical cybersecurity change that needs to happen in the U.S.
In particular, we partner with cybersecurity companies to better understand vulnerabilities to critical systems and jointly develop mitigation guidance to protect against the most sophisticated threats.
Constant analytical exchange with
our industry partners helps us build
a more complete picture of the ever- evolving cyberthreats in real time. These conversations need to be happening every day, not just in times of crisis.
The direct connection of experts on both sides yields incredible results. It is not transactional information sharing. It
is a conversation about what we are seeing, what we don’t understand and who else has the pieces of the puzzle to help us build that comprehensive picture.
There is no silver bullet in cybersecurity. Rather, it takes a layered defense and proactive collaboration to prevent threats against critical systems.
Providing actionable mitigation guidance
No one entity has complete visibility
into malicious activity across all systems, software development, cloud environments and network traffic. Each person from industry, government and academia brings a unique perspective to the table, and today’s evolving threat landscape requires a whole-of-community effort to defend against those cyberthreats.
Having a more comprehensive threat picture helps us create advisories and mitigations that we share with DOD, the DIB, cybersecurity analysts and network defenders in real time.
DOD recently delegated to NSA the authority to expand its information-sharing capabilities to directly engage with the DIB and its service providers. This delegation encompasses DIB members themselves as well as the technology and cybersecurity providers that support them.
The DIB consists of hundreds of thousands of technology, manufacturing and service companies around the world that work with DOD to design, develop and produce critical systems, platforms and technologies required to defend
the nation. Data companies often store critical national security information on their privately owned networks and have a wide range of cyber defense postures and capabilities, from excellent to non-existent. Those systems are constantly targeted by foreign adversaries to steal information and valuable intellectual property, giving a strategic advantage to our adversaries and competitors.
NSA’s engagement with these authorized cybersecurity partners is focused on the exchange of information that is critical
to discover foreign adversaries who pose
a threat to these networks and to provide

   21   22   23   24   25