ENGINEERING
Industry Partners Join the National Cybersecurity Center of Excellence
In recognition of the critical need to protect private-sector intellectual property and other valuable business data from a growing number of cyber threats 11 major companies have formally established partnerships with the National Cybersecurity Center of Excellence (NCCoE). U.S. Senator Barbara Mikulski, U.S. Cyber Command Commander/National Security Agency (NSA) Director General Keith B. Alexander, Maryland Governor Martin O’Malley, Montgomery County Chief Executive Isiah Leggett and Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher joined the new partners for a signing ceremony today at the NCCOE’s facilities in Rockville, Md.
The center, a public-private partnership hosted by the U.S. Commerce Department’s National Institute of Standards and Technology (NIST), works with industry, academic and government experts to find practical solutions for businesses’ most pressing cybersecurity needs. The NCCoE was formed through a Memorandum of Understanding between the state of Maryland, Montgomery County and NIST.
At the ceremony, representatives from the new partner companies – Cisco Systems Inc., Hewlett-Packard, HyTrust Inc., Intel Corp., McAfee Inc., Microsoft Federal Civilian Services, RSA, Splunk Inc., Symantec Corp., Vanguard Integrity Professionals and Venafi Inc. – pledged to contribute hardware and software components and share best practices and personnel with the center.
“Cybersecurity is one of the toughest technical challenges facing the nation today,” said Under Secretary Gallagher. “NIST looks forward to working with these top private-sector companies and our state and federal partners in Maryland to help the National Cybersecurity Center of Excellence jumpstart its work to better protect our vital IT infrastructure and business information.”
U.S. businesses and organizations face daily threats to their data and systems. According to industry surveys, in 2011 more than 174 million records were compromised worldwide, costing businesses billions of dollars and threatening privacy and consumer confidence.
“Maryland is the global epicenter of cybersecurity, leading the way in finding cyber tech solutions that make our country safer and creating cyber warrior jobs that make our economy stronger,” said Senator Mikulski, chairwoman of the Senate Appropriations Committee. “Because of Maryland’s incredible federal assets like NIST and NSA, our turbo private-sector and iconic academic institutions, America’s cyber defense starts in Maryland. Joining the forces of the National Cybersecurity Center of Excellence at NIST with these new private-sector partners will unite their private-sector savvy with the deep cybersecurity knowledge of the government to make our country safer and Maryland’s economy stronger.”
“Cyber threats cut across networks, borders and sectors, and leaders in government and industry must work together to help protect the nation’s critical infrastructure and information,” said General Alexander. “No one organization can do the job alone. NSA supports NIST’s efforts to partner with industry to tackle cyber challenges. NIST has been a great partner to work with and we know they will be great partners on the National Cybersecurity Center of Excellence.”
The NCCoE serves as a testbed where users and vendors can collaborate on new ideas and technologies prior to deployment and thoroughly document and share each solution. This encourages the rapid adoption of comprehensive cybersecurity templates and approaches that support automated and trustworthy online activities.
“Just over a year ago, the State and Montgomery County signed a Memorandum of Understanding with NIST to establish the National Cybersecurity Center of Excellence, where government, our business community and our academic institutions will collaborate to grow and support the cyber industry,” said Governor O'Malley. “Today, the inaugural industry partners officially join us in this endeavor, bringing together the talent and technology to protect us from cyber attacks, bolster our emerging cybersecurity sector, and position Maryland as the national leader in discovery, detection and defense.”
“I applaud the participation of these major companies in the NCCoE,” said County Executive Leggett. “As the resource dedicated to helping businesses secure their information systems, the center and its partners could not have selected a more welcoming or supportive environment. We look forward to our role as champion and partner of the center.”
Center participants integrate commercially available technologies to create solutions that can be rapidly applied to the cybersecurity challenges that businesses face each day. To equip those businesses with practical ways to implement cost-effective, repeatable and scalable cybersecurity solutions, the center follows a four-step process:
- identify the problem and define a project around relevant technical “use cases” in which needs are currently unmet;
- assemble a team of cybersecurity experts from industry, government and academia;
- build practical model solutions based on commercially available technology that are repeatable, secure and can be used with various products; and
- facilitate rapid, widespread deployment and use of these solutions.
Work at the NCCoE is focused around specific industry-sector challenges. In February 2013, the center launched the Secure Exchange of Electronic Health Information Demonstration Project to develop a platform that allows health care providers to securely document, maintain and exchange clinical information using electronic methods. The project’s first use case focuses on securely exchanging health information via a mobile device. Additionally, the center will work on “building block” solutions that can be applied across industry sectors.
Vendors, users, researchers and others can participate in the center through a variety of collaborative mechanisms, in addition to the official partnerships that were announced today. Vendors are invited to provide hardware, software, expertise or solutions to problems; users can help by providing information and feedback to validate and improve solutions; and integrators can help customers implement the NCCoE example solutions in real environments and provide feedback.