When and Why Will US Cybersecurity Resilience Get Better?

摘要

1.US Transportation Command (US-TRANSCOM) and the Defense Logistics Agency (DLA) need more Defense Industrial Base (DIB)-wide support and transparency as part of any systemic improvement. 2.NDTA will stay on the forefront as an education-focused association, but any public/private effort requires joint mobilization by the Departments of Defense (DOD), Homeland Security (DHS), and Transportation (DOT), among others. When NDTA's Cybersecurity Best Practices Committee gathered in the Spring of 2015 at the US National Cybersecurity and Communications Integration Center (NC-CIC), the group grappled with the increasing threat to the DIB, and to industry overall, starting with the kill chain analysis of the 2013 Target breach and other attacks around that time. Former USTRANSCOM Chief Information Officer, Brig Gen Greg Touhill, USAF (Ret.), co-led the session as the NC- CIC's Director. Soon after the session, Brig Gen Touhill went on to become the nation's first US Chief Information Security Officer (CISO) in 2016. The function of that role was to support all 300,000 members of the DIB, as well as the 30 million small and local companies like "DIB-Co." During each of the five subsequent years, the frequency and severity of attacks continued to accelerate at a disturbing pace projected by those 2015 military and private sector participants. Meanwhile, an entire industry of cryptocurrency exchanges has grown up to facilitate ransomware and other anonymized financial transactions without any "know your customer" regulations.