The Pentagon’s Cyber Command (CYBERCOM) foreign cyber threat sharing program is looking to double the number of private sector partnerships it has this year.
Under Advisement (UNAD) is an unclassified program that was officially stood up in 2020 and allows partners across all sectors of industry to collaborate and share technical information on foreign threats. The program has been pivotal in countering foreign cyber threats to the nation, a recent press release from CYBERCOM says.
This two-way information-sharing program supports the Department of Defense’s (DoD) mission outside of the United States, enabling a broader threat picture and bolstering network defenses for both the U.S. government and industry partners.
“Under Advisement, and the relationships we have built with our industry partners, is game-changing,” said U.S. Army Maj. Gen. William Hartman, commander of Cyber National Mission Force (CNMF), the organization that launched UNAD. “We are able to enrich industry data with our expertise and unique insights, and share that back with trusted private sector partners – who then can better defend their networks at home, while we pursue malicious cyber actors abroad.”
The agency explained that CNMF has unique authorities to conduct defensive cyber operations abroad in partner nations’ networks at their invitation. If novel malware or indicators of compromise are found on those hunt operations, UNAD can rapidly share with private industry and interagency partners, enabling them to harden cyber defenses before those threats can reach U.S. networks.
UNAD is one part of the U.S. government’s engagement with industry, and closely partners with other government-industry partner programs like the National Security Agency’s Cybersecurity Collaboration Center and the Department of Homeland Security’s Joint Cyber Defense Collaborative.
“Partnerships in cyberspace gives us an advantage that our adversaries don’t have,” said U.S. Army Lt. Col. Jason Seales, chief of Under Advisement. “A threat to one of our networks is a threat to all, and it takes public stakeholders and private industry to build foundational cyber defenses in and through partnering.”
UNAD is comprised of highly skilled technical experts – both military and federal civilians – who are in daily contact with industry via secure chat applications and invite-only industry forums. In every interaction, UNAD communicates in full, transparent attribution as members of Cyber Command’s Cyber National Mission Force.
“We’ve seen how critical UNAD has been in major cyber events such as SolarWinds, Hafnium, and Colonial Pipeline,” said Seales. “UNAD can be described as ‘CYBERCOM’s canaries in the coal mine’…we’re an early warning to malicious cyber activity. We warn our partners in a way that allows them to act and it’s done daily on a foundation of collaboration, trust, and partnership.”
The agency said that after three years of continuous, real-time information sharing and collaborative response to national-level events, the program hopes to build upon lessons-learned and successes while doubling the number of private-sector partnerships in 2023.