Page 34 - FCW, September/October 2021
P. 34

The Ongoing Quest for Cybersecurity
Executive Viewpoint
A conversation with
Chief of the Cybersecurity Collaboration Center, National Security Agency
This conversation is adapted from a presentation at an FCW event.
Proactive partnerships to protect critical systems
The Cybersecurity Collaboration Center came together with a clear vision: to develop robust, open and collaborative relationships with industry, government and academia
to prevent and eradicate threats to national security systems (NSS), the Defense Department and the defense industrial base (DIB).
The center was created for the express purpose of enabling NSA to work with
those sectors in an unclassified environment. Think about that: I just said “NSA” and “an unclassified environment” in the same sentence. This is huge for us. This is evolving our mission, and we know it’s something
we must do in order to be at the forefront of enabling the critical cybersecurity change that needs to happen in the U.S.
In particular, we partner with cybersecurity companies to better understand vulnerabilities to critical systems and jointly develop mitigation guidance to protect against the most sophisticated threats. Constant analytical exchange with our industry partners helps us build a more complete picture of the ever-evolving cyberthreats in real time. These conversations need to be happening every day, not just in times of crisis.
Providing actionable
mitigation guidance
DOD recently delegated to NSA the authority to expand its information-sharing capabilities to directly engage with the DIB and its service providers. The DIB consists of hundreds
of thousands of technology, manufacturing and service companies around the world
that work with DOD to design, develop and produce critical systems, platforms and technologies required to defend the nation. Data companies often store critical national
security information on their privately owned networks and have a wide range of cyber defense postures and capabilities, from excellent to non-existent. Those systems are constantly targeted by foreign adversaries to steal information and valuable intellectual property.
NSA’s engagement with these authorized cybersecurity partners is focused on the exchange of information that is critical to discover foreign adversaries who pose a threat to these networks and to provide actionable mitigation guidance about that activity and critical vulnerabilities by sharing advisory standards and indicators of compromise.
Cybersecurity standards for commercial technology
As technology advances, NSA has an interest in the security of commercial products
used to protect NSS, critical infrastructure, weapons systems and the DIB. Within the Cybersecurity Collaboration Center, the Center for Cybersecurity Standards amplifies NSA’s ability to prevent threats by partnering with vendors to ensure cybersecurity standards are baked into the development of the commercial products on which we all rely.
Standards cannot be developed
in a vacuum, though. The Center for Cybersecurity Standards relies on partnerships with the National Institute of Standards and Technology and with industry to build security into those products and standards.
It’s through this kind of public/private collaboration that we continue to make it increasingly difficult for our adversaries
to traverse across systems, software, cloud environments or network traffic, and keep our nation safer.
This interview continues at Carah. io/FCW-Cybersecurity-Interview.

   32   33   34   35   36