DHS partnership with service providers gives high-risk industries more visibility of cyberthreats
Staying ahead of malicious actors is challenging, but organizations can take advantage of advanced threat intelligence through partnerships the Department of Homeland Security created with accredited communications service providers.
A new report explains that critical infrastructure operators, businesses and government agencies can gain unique access to threat signatures, network traffic patterns and emerging cyberthreats by working with Enhanced Cybersecurity Services (ECS) providers that have unique access to DHS’s wealth of threat intelligence.
The special report, produced by CyberScoop and underwritten by CenturyLink, highlights how the DHS-ECS partnership can provide top executives in industry and government powerful insights gleaned from active monitoring both by DHS and global network carriers like CenturyLink.
A global communications provider like CenturyLink monitors about 114 billion NetFlow sessions and 1.3 billion security events per day, the report says. By combining real-time insights from that volume of network activity with DHS’s cyberthreat intelligence, ECS providers are able to give industry and public sector leaders an edge on how hackers may be at work on their systems.
Some industries are more at risk than others, especially as it relates to the nation’s 16 critical infrastructure sectors identified by DHS. The size, scope, complexity and interconnectedness of these sectors put them beyond the ability of the federal government to defend alone — which is why this ECS partnership is so important, the report said.
“DHS collects a lot of threat information, and that’s what we can provide to critical infrastructure operators,” said Dave Young, CenturyLink’s senior vice president of strategic government.
“They can’t get that information directly from DHS,” he explained. “They can only get it through a communications service provider. And you have to be an ECS provider authorized by DHS.”
With an increase in the sophistication of cyberattacks, and malicious actors sponsored by nation-states, heightened visibility enables IT executives to better anticipate and protect against these threats.
By enhancing threat awareness, ECS providers can also offer additional monitoring services such as threat intelligence platforms. This provides the ability to identify traffic originating from anonymous proxy networks and improve threat scoring, fidelity and classifications for web hosting and content delivery network providers associated with suspicious IP addresses, the report explains.
“CenturyLink can provide ECS customers with network-based, inbound security measures that neutralize dangerous threats and prevent harmful code from becoming embedded into an organization’s IT infrastructure,” Young said.
Read the special report, “Gain an insider’s view of Homeland Security Department threat intelligence” for more information about DHS programs aimed at improving information sharing to combat cyberattacks.
This article was produced by CyberScoop and underwritten by CenturyLink.