As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA).
At Splunk’s GovSummit in Washington, D.C., today, Carroll delivered a keynote speech in which he called on industry to get involved with CISA – especially through its Joint Cyber Defense Collaborative (JCDC).
The JCDC – established by Congress in 2021 – aims to reduce cyber risk through continuous operational collaboration between trusted partners in the public and private sectors.
“I’m not naive, I’ve worked on both the offensive and defensive side of cyber operations. I know what we’re up against. But, the real fuel of this is the collaboration,” Carroll said. “The real fuel of this is all of you and industry getting together with us and protecting our nation. It’s critical.”
Currently, Carroll said that JCDC has over 150 computer emergency response teams, or CERTs, including internationally. In just the last year, he said the CERTs have shared 1,000 pre-ransomware notifications with organizations.
On the government side of things, CISA also collaborates with Federal agencies and shares critical threat information through its Known Exploited Vulnerability (KEV) catalog.
“On average, when you approach a problem and you share and collaborate and you use KEV, the average is about nine days faster for remediation, a 79 percent reduction in the attack surface,” Carroll said. “And that’s amazing.”
Going forward, CISA expects that remediation time to only decrease. For example, Carroll said that his data scientist came to him a few weeks ago to let him know that they found a threat and countered it with a model in less than 24 hours.
“In two years, that’ll be less than an hour. In five years, that’ll be almost instantaneous,” he said, adding that artificial intelligence will play a big role in cyber operations going forward.
In fact, Splunk unveiled new research this morning that found the majority of public and private sector organizations are already using AI in production. Eighty percent reported their organizations were already addressing cybersecurity priorities with AI, including AI-enabled monitoring (34 percent), risk assessment (33 percent), and analysis of threat data (29 percent).
“As we talk about the future, the collaboration, it’s not just going to be together, it’s going to be with these types of technologies, [such as] artificial intelligence,” Carroll said.
“We want to hear your problems, we want to help, and we want to provide those services that are essential to the defense of the country and others,” he added. “The call to action here is come to us. Help us. Get involved in JCDC. Use our products.”