The National Security Agency stood up the Cybersecurity Collaboration Center in late 2020, and in just its first year the center grew its partner base from less than 10 to more than 100. NSA’s Cybersecurity Collaboration Center harnesses the power of industry partnerships to prevent and eradicate foreign cyber threats to National Security Systems (NSS), the Department of Defense, and the Defense Industrial Base (DIB). This groundbreaking hub for engagement with the private sector is designed to create an environment for information sharing between NSA and its partners combining expertise, techniques, and capabilities to secure the nation’s most critical networks. These collaborative relationships leverage the unique strengths of both government and industry and represent a vital part of a whole-of-nation approach to cybersecurity.
Morgan Adamski is the chief of the Cybersecurity Collaboration Center. As the deputy strategic mission manager, Adamski led NSA cybersecurity efforts to build bi-directional analytical relationships with private-sector partners providing cybersecurity services to the Defense Industrial Base. Adamski has been at the forefront of NSA’s computer network defense, computer network exploitation, and cyber analysis missions for more than a decade. To mark Cybersecurity Awareness Month, Adamski shared with HSToday her thoughts on the cyber landscape and the Cybersecurity Collaboration Center’s role in protecting the nation.
Q: How has the Cybersecurity Collaboration Center broken new ground in preparing the private sector to face the cyber threats of today and the future?
A: NSA’s Cybersecurity Collaboration Center has broken new ground with the private sector by sharing its insights and technical expertise on malicious cyber threat actor activity in real-time. The information the Center shares is timely and actionable to empower the private sector to take meaningful action to mitigate the threat. The Cybersecurity Directorate and Center brings its subject matter expertise on cyber actors, threats, and analysis to all companies that are part of the Defense Industrial Base ecosystem to enable rich conversations and exchanges that provide context to the intelligence we share, help them understand the “why,” and clearly articulate the priority of the threat. Our focus is truly to provide the “Signal through the Noise.”
Q: What are the top concerns you hear from industry partners about the nature of that threat and their preparedness to face it?
A: Industry is faced with the same challenges government is faced with today: an overwhelming large quantity of cyber threat intelligence and data that lacks context. Building off the comments from the previous question, the top concerns we hear from industry are that they are concerned that they do not always understand the context of the data and priority/nature of the threat. Given the large number of threats industry faces on a daily basis, the Center’s ability to contextualize and prioritize threats to Defense companies helps partners hone their resources on countering the most significant threats who are trying to steal our military secrets and gain the competitive advantage.
Q: In addition to incident reports, how does the intelligence community benefit from increased cyber information sharing from the private sector?
A: The Intelligence Community greatly benefits from cyber information sharing and technical insights from the private sector because the private sector engages multiple different sectors and customer sets across the board, meaning they often have more cross-cutting information that presents a more complete comprehensive picture of the threat and attack surface. Secondly, the private sector brings its expertise and technical capabilities to bear on cybersecurity challenges in complementary ways to the Intelligence Community, leading to impactful mission outcomes where the combination of the private sector and the intelligence community leads to “the whole is greater than the sum of the parts”.
Q: Innovation is a cornerstone of the Cybersecurity Collaboration Center. How does the center harness this to drive the mission forward?
A: Innovation is a frame of mind; it’s about being creative, thinking differently, failing fast, and being open to ideas that are not constrained by the past due to bureaucracy. At the Cybersecurity Collaboration Center, we instill innovation in our approach to our work each and every day through our drive toward mission success and outcomes. We innovate through technology, industry partnerships, policy, operations, and many other topics and areas. Some of our innovation is evolutionary, in which we are improving an existing process or capability. Other times, we are revolutionizing the way NSA does a core business, like industry partnerships. Innovation comes in many different forms at the Center, but we believe the most important part of innovating is giving our most important resource — our people — the ability to question the status quo and push the boundaries of government bureaucracy.
Q: What are key lessons you’ve brought from your cybersecurity experience to the CCC mission?
A: My cybersecurity experience is grounded in the ability to adjust to challenges and the unknown, while also building foundational processes to more efficiently execute outcomes at scale. The CCC was built on a vision. NSA leadership recognized we needed to engage industry differently on cybersecurity and build lasting, robust partnerships. Information sharing is good, but it is the context that people want. NSA needs to share not only technical indicators but also its unique insights on cyber actors while protecting its equities. We need to live where our partners live — in the unclassified domain, so our efforts to build a physical Cybersecurity Collaboration Center with unclassified spaces to invite partners into and collaborate with was key to rich, robust engagement. Almost all aspects of the CCC’s mission were new territory for NSA in a time of a pandemic, significant cyber incidents, and growing concerns over limited talent to build a cybersecurity workforce. It’s been two-years of “Duck, Swerve, and Carry On!”
Q: What is one thing you wish more of the private sector knew about working with the government on cybersecurity?
A: The government, and specifically the Cybersecurity Collaboration Center, has the ability to engage and help in the area of cybersecurity in a number of unique ways that not all industry partners are tracking. As we’ve mentioned here, the Center does a significant amount of bi-directional information sharing, but we also provide cybersecurity services to any Defense Industrial Base partner at no cost, such as protective DNS and vulnerability scanning, and we publish mitigation guidance and advisories on our website. There are so many ways to collaborate with us to achieve joint mission outcomes. NSA is the nation’s leading cybersecurity agency — we want to help.
Q: Where would you like to see this collaborative cyber effort in five years?
A: We are all in this together to Defend and Secure the Nation; that’s the ultimate goal and where we want to be. In five years, we’d like the collaboration to be seamless, ubiquitous, timely, and actionable across the U.S. government and the cybersecurity community. Our bi-directional information sharing capabilities are driven by both analysts and technology, and our cybersecurity services are deployed across the Defense Industrial Base at scale. Partners trust us and we trust them. Operational Collaboration is not just the new chapter for public-private partnerships but the central plot in how we degrade and deny nation-state actors from stealing our nation’s secrets and threatening our U.S. critical infrastructure.