author photo
By Cam Sivesind
Thu | May 16, 2024 | 12:23 PM PDT

Businesses are constantly looking for trusted resources to help bolster their security posture. They may have found a powerful new ally in the U.S. government's latest cybersecurity initiative.

The National Security Agency (NSA) recently launched its Cybersecurity Collaboration Center (CCC) with the goal of proactively helping private companies and federal partners fight off advanced cyber adversaries—at no cost. And judging by the enthusiastic response so far, the CCC's services are poised to be in high demand.

Through the CCC, the NSA is sharing its extensive knowledge, threat intelligence, and advanced cybersecurity capabilities directly with organizations across sectors like technology, energy, finance, and more. Services include threat analysis reports, guidance on mitigating active threats, insights into nation-state hacking groups, and even direct assistance from the NSA's top cybersecurity experts during active intrusions or incident response.

Notably, the CCC services are available free of charge to any eligible organization, regardless of size, resources, or prior NSA ties. This opens the door for even small and medium-sized businesses (SMBs) to access cybersecurity expertise and defensive knowledge typically reserved for national security and law enforcement operations. The pressures facing SMBs keep mounting.

The rollout of the CCC should be welcome news for businesses facing increasingly sophisticated cyberattacks from criminal groups and state-backed hackers. Many have struggled to hire and retain top cybersecurity talent as threats grow more daunting by the day.

"This capability is not available anywhere else in the world," said Morgan Adamski, Director of the NSA's Cybersecurity Collaboration Center. "We are bringing all the NSA's cybersecurity talent together to share our knowledge and better enable our partners to defend their networks."

While the CCC is still in its infancy, major technology companies, critical infrastructure providers, and financial institutions are already partnering with the NSA team. Popular services include receiving actionable intelligence on threats targeting their systems and leveraging the NSA's leading malware reverse-engineering skills to remove cyber threats after breaches.

A December 2023 National Security Agency/Central Security Service press release examined the agency's 2023 Year in Review report that looked back at successes in 2023. Among its wins, the report cited, "Increased enrollments in NSA's no cost cybersecurity services to Department of Defense contractors by 400%, hardening infrastructure and strengthening the Defense Industrial Base."

Of course, some cybersecurity experts have expressed skepticism around allowing NSA operatives deep inside private networks, citing longstanding privacy and civil liberties concerns. However, the NSA insists it has implemented robust vetting and access procedures to protect confidentiality.

If successful, the pioneering Cybersecurity Collaboration Center could usher in a new era of public-private cybersecurity cooperation. And with proactive NSA support now just a call away, businesses may finally have a fighting chance against even the most formidable threat actors.

Some additional insights from a May 15, 2024, press release about the CCC's success include:

  • To date, more than 1,000 industry partners have signed up for CCC services. These companies have broad and deep reach, ranging from major service providers that can harden billions of endpoints to small businesses that provide critical components to the nation’s most sensitive systems.
  • Small businesses make up the majority (70%) of the Defense Industrial Base (DIB) supply chain. These small businesses have access to sensitive Department of Defense (DoD) information, but often don't have the technical expertise or other resources to defend their networks against a sophisticated nation state threat, according to Bailey Bickley, NSA's DIB Defense Chief.

    "These companies are an attractive target for our adversaries who are seeking to steal U.S. intellectual property in order to build their own military capabilities and economies," Bickley said. "We don't expect small businesses to defend against nation-state threats alone. It's in NSA's and DoD's best interests to help."
  • NSA also benefits by receiving DNS data that the CCC is able to run custom analytics over to better understand ways that nation-state actors are targeting the DIB, and then, defend against them.
  • The service is processing 70 million DNS queries a day and has blocked billions of malicious queries to date, including ransomware activity and known nation-state spear phishing, malware, and botnets, according to statistics compiled by the Cybersecurity Directorate's DNS provider.

Companies with active DoD contracts are encouraged to learn more about the CCC and enroll in NSA's DIB Cybersecurity services. Get started by filling out a Cybersecurity Services Contact Form.