One year ago, the National Security Agency (NSA) stood up the Cybersecurity Collaboration Center in an open business park outside NSA’s fence line, breaking down barriers between the Agency and the outside world.
In the past year, through sharing actionable, contextualized threat intelligence derived from NSA’s foreign signals intelligence mission, thousands of analytic exchanges between the Collaboration Center and industry partners on known foreign actors helped identify and prioritize critical threats. The insights shared by NSA enable partners to detect adversary targeting of their infrastructure and mitigate the activity to protect their networks and customers.
“We only see part of the picture. We see something in SIGINT, our partners see activity on their networks. The only way to mitigate the threat is to communicate and collaborate in real-time to drive outcomes,” said Morgan Adamski, Chief, NSA Collaboration Center.
The Cybersecurity Collaboration Center represents Defense Industrial Base (DIB) companies that support Department of Defense (DoD) programs for cryptography, weapons and space, and nuclear command and control, and their major service providers. The work done in its first year has been significant, and the best part is, they’re just getting started.
Cybersecurity Collaboration Center Year One by the Numbers:
- In just one year, the Center grew its partner base from less than 10 to over 100.
- NSA vulnerability research is a key aspect of our cybersecurity mission, as we rely on many commercial products across national security and Defense. In 2021 the Center disclosed a number of vulnerabilities, including a series of five critical vulnerabilities in Microsoft Exchange, to be patched by the vendor.
- Through the Enduring Security Framework, NSA and CISA worked across sectors to explore threats to 5G security, releasing a series of five threat informed papers. This series is now available to all on NSA.gov.
- Through the Protective Domain Name System (PDNS) pilot, the Center has processed more than 3.8B queries and blocked more than 6.5M malicious domains, including known Russian spear-phishing, botnets, and malware. To date, the Center has provided PDNS services to 40 DIB contractors, and expects to scale to hundreds more in the coming year. Read more from NSA’s Cybersecurity Information Sheet, “Selecting a Protective DNS Service”, or hear about the project in the Collaboration Center’s first episode of the Collaboration Center Speaker Series.
- NSA participated on technical committees that developed 12 international standards in secure internet protocols, 5G security, and enterprise IT security. These efforts are critically important as foreign adversaries are seeking to use standards bodies as forums to push standards hostile to a free and open internet and digital democracy.
- As commercial products are increasingly relied on to secure National Security Systems (NSS), through the National Information Assurance Program (NIAP), the Cybersecurity Collaboration Center certified 91 commercial components for use in protecting NSS and published 14 Protection Profiles to raise security in those products. Protection Profiles are vendor-agnostic guidelines that raise security in commercial products by defining proper configurations.
Hear from Morgan Adamski in NSA’s Cybersecurity Collaboration Center one year anniversary video, and keep tabs on the Center by following @NSACyber on Twitter.
To read the guidance mentioned above and more, visit NSA.gov/cybersecurity-guidance.