Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

DHS Cyber Security Initiative Plans To Partner Public & Private Sectors

NRMC Will Focus On Cross-Sector Threats

Add bookmark
Dan Gunderman
Dan Gunderman
09/03/2018
[Featured Image: chrisdorney/Shutterstock.com]

Cyber security is a systemic, deep-seated domain that is not going away anytime soon. Private sector executives and analysts fight targeted malware attacks and insider threats, and those in the public sector are charged with the same task.

It is easy to associate a cyber-attack with a top Wall Street financial institution, seeing as the “crown jewels” there can spell serious monetary gain. However, nation-state actors are also targeting critical infrastructure, government agencies and the electoral process (e.g., 2016 presidential election meddling). In both cases, sensitive information is on the line.

Hacktivists may be seeking political intelligence, while other threat actors attempt to encrypt files and demand a ransom payment from healthcare organizations, cities or banks, etc.

One thing in clear: Progress in cyber security must be constant, and reflected in every pocket of defense. That is to say, across sectors and via open lines of communication.

With more than 140,000 members, Cyber Security Hub is the vibrant community connecting cyber security professionals around the world.

See Related: 'Excessive Security' Could Slow The Business, But Is There Such A Thing?

In July, the Department of Homeland Security (DHS) announced the formation of a new initiative, the National Risk Management Center (NRMC), poised to continue the nation’s longstanding battle against illicit cyber activity.

From the outset, however, cyber security experts questioned whether that mission would overlap with the DHS’ National Cybersecurity and Communications Integration Center (NCCIC).

It is now clear, however, that there is a distinct difference between the two.

[Photo: Gil C/Shutterstock.com]

According to reporting from FCW, the NRMC will focus on persistent, systemic threats while the NRMC will continue its information-sharing mission and its efforts to liaise between industry and government.

The report cites commentary from Matthew Travis, Deputy Undersecretary of the National Protections and Programs Directorate. Travis spoke at an Aug. 28 conference in Washington, D.C., and said the NCCIC will remain an information-sharing hub poised to facilitate cooperation across sectors (while combating threats like the 2018 Atlanta ransomware attack or the 2017 WannaCry attacks). Travis said the NCCIC will also share threat indicators, conduct trainings and provide analysis and technical advisories.

Travis indicated that NCCIC provides “situational awareness” of cyberspace and the “dot gov domain.”

See Related: Incident Response Plans Heighten All Facets Of Cyber Defense

Conversely, the NRMC will set out to ameliorate persistent threats targeting public, private and critical infrastructure sectors. FCW notes that focus areas will include technology supply chain protocols and strategies to defend the electrical grid and election systems.

The NRMC will go beyond liaising, too, and will draw upon insight from analysts in the private sector and critical infrastructures. Travis said experts will use advanced analytics to address ongoing threats.

In the Aug. 28 speech, Travis added: “We’re going to be taking analysts from the private sector, from those banks on Wall Street that are targets of these nation states, from electric companies that help maintain  the power grid.” In turn, the experts will work with analysts at the DHS or Department of Energy or the Treasury.

The wider objective, it seems, is to continue NCCIC efforts to share relevant information to the proper parties, and allow the NRMC to focus on complex, persistent threats that could ultimately wreak havoc on U.S. businesses and agencies.

Scott Tousley, Deputy Director of the Cyber Security Division of the DHS Advanced Research Projects Agency, called the NRMC a way to move away from a singular focus on the threat of the day (toward a more holistic approach), FCW notes.

In its infancy, the NRMC may review legislation and policies and advise Congress on potential flaws. It is clear, however, that the NRMC’s inclusion of the private sector is an ambitious goal that will expand the number of defenders trying to reduce the attack surface.

Be Sure To Check Out: Onfido CTO Discusses Identity Verification, Blockchain, ML

Tags: cyber security DHS Department of Homeland Security initiative public sector private sector cross-sector collaboration information sharing malware ransomware threat indicators threat intelligence data cyberspace NRMC NCCIC CSH CS Hub Cyber Security Hub Cyber Attack Wall Street

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy