Public-Private Partnerships: Treating Cybersecurity as a Team Sport
It’s often said one of the hardest things to do is ask for help. Recognizing that you can’t do something alone isn’t always easy. The same concept also applies to private and public sector organizations. Modern cybersecurity is something that can no longer be addressed with a siloed approach. Industry and government may not always share the same mission, but they do share a common challenge of protecting their organizations from malicious actors. Recognition of this common adversary is starting to happen, but it is critical that moving forward we continue to view cybersecurity as a “team sport.”
Bringing together officials from federal agencies, technology companies, commercial organizations and academia, enables us to create unified solutions to address broad cyber challenges of national importance. The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE), which acts as the country’s lab for cybersecurity, is an example of an organization that is continuously bringing together government and industry thought leaders to discuss and collaborate on applied cybersecurity matters. As a result of a partnership with ten different technology vendors, NCCoE recently released a draft guide to a cybersecurity project titled IT Asset Management. This guide shows how financial institutions can increase their cybersecurity resilience by increasing visibility across their entire IT asset portfolio by using standards, best practices and commercially available solutions.
Like many organizations today, one of the central challenges financial institutions face is the growing number devices, systems and applications set up across a wide geographic area. These institutions often employ hundreds or thousands of individuals, which means the technology base required for smooth, efficient business operations is enormous – similar to what you would find in a large government agency or corporation. To protect themselves from security threats and make informed, data-driven decisions, they need to be able to track the exact location and configuration of their network assets. Subsidiaries, branches, third-party partners, contractors as well as temporary workers and guests all add complexity for these organizations. By collaborating with a consortium of technology vendors and combining different skills and expertise, NCCoE was able to create an effective “How To” guide that will enable organizations to increase IT asset management efficiencies, while sparing them research and proof of concept expenses. Financial institutions now have the tools to centrally monitor their networks and gain valuable insights into their IT assets through an automated platform.
To learn more about the IT Asset Management Guide, register to join Splunk and NCCoE experts in a webinar about “Strengthening Cybersecurity in the Financial Sector with the new NIST Practice Guide,” scheduled for January 14 at 9am PT. Join this webinar to learn more about the cybersecurity project including:
- The approach, the architecture, and how it can help financial institutions to improve their ability to defend against cyber threats
- How Splunk Enterprise provides key analytic and visualization capabilities in the architecture
- A live demo of the architecture where Splunk integrates with other tools such as Snort, Bro, BelManage and CA ITAM.
In this world of increasingly advanced cyber adversaries and exponential data growth, cybersecurity has evolved into a national priority. Strategic public-private partnerships have become of the most important and effective tools in our defensive and offensive repertoire. The teamwork between NCCoE and the consortium of technology vendors should serve as an example for future public-private partnerships.
Cybersecurity can no longer be isolated, it is a team sport that requires contributions from both government and industry.
Director, Solutions Marketing