The Importance of US Cybersecurity
The United States and our allies rely on information technologies to conduct mission critical operations and process sensitive data. New technology introduces both risks and opportunities to secure these systems.
USCYBERCOM is the nation’s unified combatant command for cyberspace and operates globally in real time against determined adversaries. The Command defends Department of Defense information systems and supports military commanders with their cyberspace planning and operations.
Threats
As federal agencies, businesses and individuals increasingly depend on IT systems for critical operations and processes, the security of these systems is more important than ever. The threat landscape is constantly evolving with new cyberattacks and the capabilities of hackers to exploit these systems.
Many cybersecurity threats are carried out by sophisticated threat actors who are organized and well-funded. They use advanced tactics to steal data or gain access to sensitive IT systems.
Threats are growing more complex and harder to detect. The sophistication of attacks has increased and the number of victims is rising.
Attacks can be launched from anywhere in the world. These threats include:
Detection
Detecting cyber attacks is essential to the mission of the Department of Defense and its global networks. It is a complex, 24x7x365 process involving monitoring and defending network assets from attack, identifying vulnerabilities, and detecting suspicious behavior.
As technology evolves, so do the threats we face. New information and security technologies present both risks and opportunities, and we seek to understand them as they emerge. We provide risk assessment and mitigation through vulnerability analysis, configuration standards development, security testing and evaluation and guidance on new systems and emerging technologies.
Hacking, espionage and equipment failures illustrate the need for cybersecurity in military and civilian operations. The President’s Executive Order on Improving the Nation’s Cybersecurity prioritizes Federal agency investments in strengthening cyber resilience and reducing the threat of malicious cyber activity. NSA works with partners, allies and industry to ensure our national security networks are protected and secure. NSA also provides guidance on new technologies, promotes awareness and education, and participates in cybersecurity standards and certification.
Response
In addition to detecting cyberattacks, cybersecurity employs response and recovery processes. These methods are designed to prevent the exploitation of vulnerabilities in federal information systems, mitigate the impact of cyberattacks and minimize the cost and disruption that could result from these attacks.
The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, private sector, and ultimately the security and privacy of the American people. To address these threats, the Administration is making significant investments in federal agency cybersecurity defenses and promoting cultural change within Federal agencies.
USCYBERCOM operates the National Cybersecurity Protection System (NCPS), which provides intrusion detection and prevention capabilities to federal departments and agencies. CISA Central uses advanced network and digital media analysis expertise to identify malicious activity targeting our networks and produces timely, actionable information for sharing with federal departments and agencies, state and local governments and international partners. This information supports a common incident response playbook.
Prevention
Our Nation’s critical infrastructure and the privacy of the American people rely on information technology (IT) systems to conduct operations, process data, and enable services. Unfortunately, malicious actors are increasingly willing and capable of compromising these systems and their data.
In response, the Department of Homeland Security (DHS) has taken a number of actions to enhance cybersecurity and improve incident response capabilities across the Federal Government. This includes adopting security best practices; advancing toward Zero Trust Architecture; accelerating movement to secure cloud services; and centralizing and streamlining access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks.
In addition, DHS is working to remove contractual barriers and increase the sharing of cybersecurity threat information, vulnerability assessments, and mitigation activities to bolster deterrence, prevention, and response efforts. This also enables the Federal Government to leverage private sector capabilities to help ensure that our cyberspace is as secure as possible.