An initiative begun more than a year ago to strengthen cyber partnerships with the national security sector, including the defense industry, is now bolstering cybersecurity in other industry sectors, a National Security Agency (NSA) official said on Wednesday.
In the past nine months, the NSA’s Cybersecurity Collaboration Center, working with information gathered from the defense industrial base (DIB) that in turn has been “married” with signals intelligence (SIGINT) has resulted in “some pretty big activities to disrupt at scale,” Rob Joyce, director of the agency’s Cybersecurity Directorate, said during a fireside chat hosted by the Aspen Institute.
This is an example of “protecting and working to take that super power of intelligence and operationalize it,” he said.
The collaboration is more than just information sharing, Joyce said, adding that it’s bringing together analysts and then pushing out the information to strengthen cyber defenses in other sectors of the economy.
“So, not just information getting thrown over the fence but the deep analyst to analyst, and then that information spread out into other sectors and we’re able to help contribute to bigger defensive outcomes that scale much beyond the defense industrial base,” he said. “[We’re] Talking to companies that are cloud providers, infrastructure providers where their dedicated defense teams talk to the SIGINTERs and do it at an unclassified level so they can be operationalized. That’s really magical.”
Joyce said his directorate is working to get “left of theft,” which means preventing cyber-attacks from happening in the first place by using intelligence. The directorate is using the foreign intelligence that the NSA collects on cyber threats to help in its various partnerships, including with the Department of Homeland Security’s Cybersecurity Infrastructure and Security Agency on protection of critical infrastructures, with the FBI on criminal activity, and defending national security systems, he said.
The directorate is also “laser focused” at the moment on helping the Defense Department boost the cybersecurity of the nation’s weapons systems and platforms, Joyce said. Protecting these systems is a “priority,” he said.