Strengthening National Cyber Defense Through Partnerships and Innovation.
Defending the United States in Cyberspace
Initiative #12. Mobilize the national cyber technology and innovation base.
NSA continues to partner with the DIB through cybersecurity initiatives such as no-cost security services and contract incentives that align with DIB cybersecurity requirements. These partnerships prevent common adversary exploitation vectors and ensure the Department’s networks are protected. They also support the Department’s ability to campaign in cyberspace to strengthen deterrence and gain advantages.
Threats
Increasingly sophisticated cyberattacks pose serious threats to cybersecurity. These include malware, phishing and other social engineering attacks, data breaches, man-in-the-middle (MitM) attacks, denial-of-service attacks and more.
Cyberattacks can disrupt national and business systems and damage critical infrastructures. These cyberattacks are often carried out by state-sponsored adversaries, terrorists and organized crime groups.
These attackers are using networks of hackers to infiltrate governmental and organizational systems for monetary gain or industrial espionage. They also use techniques such as spearphishing, whaling (targeting high-profile employees) and diversion theft to steal privileged information.
Additionally, the COVID-19 pandemic has accelerated the shift to remote work and made it easier for criminals to exploit employees. Many organizations grant third-party contractors access to their systems, opening up a new route into an organization’s information. In addition, the growing number of IoT devices creates more opportunities for hackers to break into private and corporate systems. This is exacerbated by a lack of security standards on these devices, including weak passwords and the failure to require multi-factor authentication.
Defending Critical Infrastructure
Cyberattacks are increasingly targeting critical infrastructure sectors, such as transportation, water supply, energy, oil and gas distribution and communication systems. Attacks can result in a disruption of services with kinetic and non-kinetic impacts, as well as damage to the economy and national security.
To mitigate these risks, the Department is pursuing a holistic approach to defense and response. The National Coordinator, working with Sector Coordinators and Sector Liaison Officials and the NIPC, will encourage the establishment of a private sector information sharing and analysis center (ISAC) to gather, appropriately sanitize, and disseminate intelligence from infrastructure owners and operators.
To enhance defense, the Department is also pursuing research to improve infrastructure protection. For example, a vulnerability assessment can help owners and operators identify the most critical vulnerabilities that need to be addressed. This can be combined with a risk management process to inform business continuity planning and emergency operations procedures. It can also be used to develop and test countermeasures that would reduce the likelihood of an incident occurring.
Defending the United States
Defending the United States in cyberspace is a critical element of the Nation’s defense strategy. Our federal agencies and the Nation’s critical infrastructure rely on information systems to perform their missions, process essential data, and defend themselves from malicious cyberattacks. Malicious actors are increasing in capability and willingness to target these systems. Attacks on federal information systems have increased across most categories, and the cost of attacks has grown.
Adversaries use malicious cyber activities to gain asymmetric advantage, sow discord, and harm the American people. The Department supports whole-of-Government efforts to raise the Nation’s cybersecurity standards, increase resilience, and render malicious cyber activity less useful. In the event of an armed conflict, military cyber capabilities are most effective when they operate in concert with other instruments of national power to create a deterrent greater than the sum of their parts. This is a core component of integrated deterrence as articulated in the 2022 NDS.
Defending the DIB
The Defense Industrial Base (DIB) is the backbone of our national defense and military capabilities. It is also a target for adversaries who seek to steal sensitive information or disrupt critical systems. To defend the DIB, we must work together.
The Framework gives DIB organizations a structured process for improving their cybersecurity programs, one that starts with an assessment of their current profile and ends with determining their targeted profile. The resulting Plan of Action and Milestones helps an organization identify gaps and prioritize its mitigation efforts.
The DIB CS program maintains meaningful relationships and dialogue across a broad range of eligible DIB contractors. It provides them with a variety of products, services, and meetings, including a cyber threat intelligence collaborative web platform and a secure network, as well as the ability to submit unclassified mandatory incident reports and cyber threat information sharing reports to DC3. This information is used by DoD and other Intelligence Community entities to anticipate where adversaries might collect against DIB networks and networks that host Defense Department information.