security operation center consolidation
TRANSCRIPT
![Page 1: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/1.jpg)
![Page 2: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/2.jpg)
Security Operation Center Consolidation
Chris Agar,
Chief of the NSA Cybersecurity Threat Operations Center
![Page 3: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/3.jpg)
The Cyberthreat Landscape
• Espionage and exploitation
• Disruption and destruction
• Corrosion
![Page 4: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/4.jpg)
Unity of Effort
• GEN Paul Nakasone is the Director of NSA
and Commander of U.S. Cyber Command.
He leads:
• A world-class intelligence agency
• A Unified Combatant Command
![Page 5: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/5.jpg)
![Page 6: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/6.jpg)
The Integrated Cyber Center
• NSA and U.S. Cyber Command share a 24/7 operations floor for the first
time in September of 2018, and invite U.S. government and FVEY partners
to join them
• Formerly, NSA and U.S. Cyber Command worked in two operations
centers that sat side by side
• Communication and collaboration existed, but not at the same level
![Page 7: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/7.jpg)
The Integrated Cyber Center
• NSA’s missions are foreign signals intelligence and cybersecurity
• U.S. Cyber Command is responsible for command and control of military
operations and for the defense of Department of Defense Information
Networks
• They operate under separate missions and authorities
![Page 8: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/8.jpg)
![Page 9: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/9.jpg)
![Page 10: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/10.jpg)
The Advantages of Integration
• Partners sitting together allows for continuous, near real-time information
sharing and tactical synchronization
• If an activity emerges, they can respond immediately
• Enhanced awareness and collaboration between partners
• Mission support has easy access to operations floor
![Page 11: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/11.jpg)
Securing the Midterm Elections
• U.S. Government operations centers communicated leading up to election
day, and then synched throughout the day
• The ensured rapid information sharing and situational awareness of threat
and incident reporting for all mission partners
• NSA and U.S. Cyber Command were postured to provide on-site support
for activities undertaken by DHS and FBI
• U.S. Cyber Command established independent election cell
![Page 12: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/12.jpg)
Operations Enabling Cell
• An Integrated Cyber Center cell where partner analysts are imbedded and
can perform their home agency mission, while collaborating with NSA,
U.S. Cyber Command and other partners on the floor
• Enhanced analyst collaboration led to countermeasures that mitigated a
phishing campaign targeting the U.S. Government
![Page 13: Security Operation Center Consolidation](https://reader036.vdocuments.site/reader036/viewer/2022070810/62c60e36cc2ca95a0f231a50/html5/thumbnails/13.jpg)
The Cybersecurity Directorate
• Mission to prevent and eradicate threats to national security systems and
critical infrastructure, focused initially on the defense industrial base and
the improvement of our weapons’ security
• CSD will better position NSA to operationalize its intelligence, vulnerability
assessments, and cybersecurity expertise by fully integrating these efforts
• Partnership will be critical, as will sharing information