“What is past is prologue…”
― William Shakespeare (The Tempest)
How It Started …
Following the SolarWinds attack in 2019, the National Security Council conducted an internal review of the SolarWinds cyberattack review and issued a key finding as the need to “…improve threat intelligence acquisition, sharing, and use among federal agencies.” Further, the issuance of Executive Order 14028 (E.O. 14028) specifically highlighted dangerous shortfalls associated with federated procurement practices of cybersecurity threat intelligence products stating “increasing the sharing of information about such threats, incidents, and risks are necessary steps to accelerating incident deterrence, prevention, and response efforts and to enabling more effective defense of agencies’ systems and of information collected, processed, and maintained by or for the Federal Government.”
The diffusion of cybersecurity threat intelligence capabilities across the sprawling defense enterprise undoubtedly contributed to some of the worst cybersecurity attacks in recent history for the United States. And, upon review, highlighted the inherent fragility such a fragmented system can create without central oversight and guidance. Lacking the mechanisms to deliver dynamic threat intelligence products in real time and at scale, the federal, state and local government, including the Department of Defense, remains at risk for continued cyber attacks and will be impaired in its ability to understand the totality of the attack surface and options for both defensive posturing and offensive maneuvering.
How It’s Going …
However, in response to such chaos and potential future risk, a group of bipartisan lawmakers put forth an important piece of bipartisan legislation in the National Defense Authorization Act for Fiscal Year 2022, in order to create coherence and efficiency across the Department of Defense’s virtual presence in the cyber domain.
The establishment of a program management office (PMO) and designation of an executive agent for enterprise-wide procurement of commercial cyber threat information products is a critical, if not belated, step towards unifying otherwise disparate procurement practices and application of threat intelligence capabilities to secure the Department’s cybersecurity enterprise.
Lt. Gen. Robert Skinner, director of the Defense Information Systems Agency (DISA), spoke at a recent AFCEA/DISA event and emphasized the compounding challenges which are affecting the Agency’s ability to remain current and secure “We have too many different problem sets, too many different licenses and from a Department of Defense standpoint, we’re looking for best value when it comes to enterprise licenses, not 10 different bets and values within the same product that are actually different.”
Under the direction of the appointed executive agent, the legislatively-directed PMO will be responsible to research commercial cyber threat intelligence products, align Department of Defense cyber threat intelligence requirements to such commercial products, and execute development of contractual agreements between defense components and commercial providers – at scale, across the Department’s expansive virtual presence in the cyber domain. In short, the Department of Defense will finally have an objective arbiter to create coherence and real-time response opportunities by streamlining the procurement and integration of commercial cyber threat intelligence capabilities across the expanse of its virtual extent.
… And How Recorded Future Is The Enterprise Solution
Commercially available threat intelligence is a force multiplier for any organization seeking to gain a more holistic understanding of vulnerabilities – and opportunities – in the cyber domain. Recorded Future, seamlessly integrated with critical cybersecurity mission owners such as the U.S. Cyber Command and is a trusted provider of a comprehensive threat intelligence capability that is not just complimentary, but an indispensable tool for the federal government’s classified sources and analysis.
In a recent exclusive with the Wall Street Journal, the Director of National Intelligence (DNI), Avril Haines, commented that current information classification processes by the U.S. federal government “reduces the intelligence community’s (IC) capacity to effectively support senior policy maker decision-making, and further erodes the basic trust that our citizens have in their government. It is a fundamentally important issue that we must address.”
With the inclusion of SecurityTrails’ Attack Surface Intelligence platform, Recorded Future demonstrates a profound and unparalleled comprehension of the dynamic and tenacious nature of the threat landscape. The addition of this Attack Surface Intelligence with Recorded Future’s existing Threat, Vulnerability, Geo-political, and other, Intelligence Modules – further enhanced with industry-leading, curated intelligence analysis by the Insikt Group – enables public sector customers with coherent and actionable intelligence to not just know the threats, but to understand the context.
As a global leader in security intelligence, Recorded Future is the natural solution to integrate threat intelligence across the national security enterprise, at scale. The vast amount of bespoke intelligence sources curated by Recorded Future empowers cybersecurity and intelligence with real-time visibility of the complete threat landscape, providing decision makers insight into totality of an organization’s attack surface and corresponding shadow infrastructure.
Though the adversary will never stop searching for vulnerabilities to exploit, especially regarding such lucrative targets throughout the federal, state, and local infrastructure, Recorded Future’s out-of-the-box holistic intelligence solution delivers unparalleled insights to those customers through cross-organizational collaboration by synthesizing thought and expertise across missionsets, enabling action to thwart, deter, or counter the attackers.
With the direction to establish a PMO for commercial threat intelligence offerings, the US government, and other clients focused on national security, now have an opportunity to create coherence out of chaos, integrating proven threat intelligence capabilities such as Recorded Future across the enterprise for unified and structured response. The time is now, and Recorded Future *is* the future.
This post appeared first on Recorded Future’s Blog
Author: Jessica Carroll