The National Security Agency is six weeks into a pilot program where a private third party is providing select companies from the defense industrial base with services to secure their domain name system use.
Anne Neuberger, head of the cybersecurity directorate the NSA stood up in October, shared insights into the pilot during an exclusive interview Thursday, the last day of the Defense One Tech Summit.
The technology being tested has the potential to drastically change the security posture of small- and medium-sized companies and follows analysis the NSA conducted on how to maximize results given the limited budgets of such entities, Neuberger said.
“We began a pilot called secure DNS,” she said. “Our analysis highlighted that using secure DNS would reduce the ability for 92% of malware attacks both from command and control perspective, deploying malware on a given network.”
Neuberger said not many people may be aware of the program because her office likes to focus more on trying a lot of new ideas rather than just talking about them.
But the effort dovetails with others, such as one looking to provide continuous monitoring services to contractors that undergo the Defense Department’s Cybersecurity Maturity Model Certification program, where third parties play a larger role in protecting entities that work with the department.
Neuberger said her office worked with Defense’s chief information officer in implementing the pilot which could result in “enabling” other companies to provide similar services and bring the fruits of the technology to scale.
“We partnered with our partners across DOD, for example, the DOD CIO, to both understand what actors might be doing to target the DIB ..
Support the originator by clicking the read the rest link below.
