{"id":153607,"date":"2022-02-11T13:30:01","date_gmt":"2022-02-11T21:30:01","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=153607"},"modified":"2022-02-11T12:36:26","modified_gmt":"2022-02-11T20:36:26","slug":"cyber-operational-collaboration","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2022\/02\/cyber-operational-collaboration\/","title":{"rendered":"Cyber Operational Collaboration Is Key for the \u201cNext Log4j\u201d Response"},"content":{"rendered":"

I was honored to appear<\/a> earlier this week before the U.S. Senate Committee on Homeland Security and Governmental Affairs to discuss the impact and scope of the \u201cLog4Shell\u201d vulnerability. As part of that, we discussed the key role played by cyber operational collaboration \u2013 what CISA director Jen Easterly has described as turning information sharing into information enabling<\/em>.<\/p>\n

Coming from a military background, I am hard-wired to serve a common goal. Our company shares this spirit, and I have found this to be the norm across the entire cybersecurity community. We are truly all in this together.<\/p>\n

As we face national-level vulnerabilities at the scale of Log4Shell<\/a>, it\u2019s more important than ever to create and build on initiatives that allow us to share information and transform it into actionable recommendations that organizations can use to defend against today\u2019s cyberthreats.<\/p>\n

 <\/p>\n

<\/a>Cyber Operational Collaboration: Promising Initiatives for the Cybersecurity Community<\/h2>\n

The Joint Cyber Defense Collaborative<\/a> (JCDC), sparked by congressional leadership, is a promising collaboration body of which we are proud to be a founding alliance member.<\/p>\n

Its structure provided a body to scramble a snap call the Saturday afternoon after Log4Shell emerged for industry competitors to act as partners with the government to share raw situational awareness.<\/p>\n

This can be an exemplar of successful public-private sector cooperation \u2013 specifically, the JCDC working as a venue for commercial competitors to act as peers and share rapidly developing situational awareness to help secure our National Critical Functions. We appreciate the commitment from CISA Director Jen Easterly to continue maturing the JCDC and maximize the bidirectional value it brings. We must continue building upon this partnership.<\/p>\n

I\u2019m also proud that one of my colleagues, Unit 42 Senior Vice President Wendi Whitmore, was selected just last week to serve on the Department of Homeland Security\u2019s Cyber Safety Review Board<\/a> alongside other esteemed cybersecurity leaders across government and industry. The CSRB\u2019s first tasking will be determining \u201ckey facts related to the root-cause of the Log4j vulnerabilities and exploitation and weaponization of the vulnerabilities.\u201d<\/p>\n

In addition to our active participation in the JCDC and CSRB, Palo Alto Networks is a member of the President\u2019s National Security Telecommunications Advisory Committee (NSTAC), where industry can provide advice to the White House and other senior U.S. Government stakeholders on national security policy and technology issues; the Executive Committee of the Information Technology Sector Coordinating Council (IT-SCC), which serves as the principal coordinating body between the Department of Homeland Security and IT sector; and the Defense Industrial Base Sector Coordinating Council (DIB-SCC).<\/p>\n

We are also an active participant in the DHS ICT Supply Chain Risk Management Task Force and were pleased to have been selected as a technology partner in NIST\u2019s National Cybersecurity Center of Excellence\u2019s 5G Cybersecurity Project<\/a>.<\/p>\n

Finally, we maintain robust threat intelligence sharing partnerships with DHS, the Cyber Threat Alliance<\/a> (of which we\u2019re a founding member), the Intelligence Community and across the international community to share technical threat data and collaborate to support government and industry response to significant cyber incidents, like SolarWinds<\/a>, Microsoft Exchange Server<\/a> and Log4Shell<\/a>.<\/p>\n

We look forward to continuing our commitment to being integrated homeland security partners and to collaborating with the cybersecurity community as we face the evolving threat landscape together.<\/p>\n

 <\/p>\n

<\/a>Best Practices Remain Vital<\/h2>\n

As we have these conversations, we cannot lose sight of key security pillars that we know reduce risk. These include:<\/p>\n

    \n
  1. Accurately understanding your attack surface through the eyes of the adversary.<\/li>\n
  2. Promoting common visibility across cloud, endpoint and on premises systems \u2013 not having data silos.<\/li>\n
  3. Driving industry adoption of Development Security Operations \u2013 or DevSecOps \u2013 best practices.<\/li>\n
  4. Automating security orchestration where possible \u2013 particularly as it relates to vulnerability management, incident response and compliance.<\/li>\n
  5. And yes, the well-trodden cyber hygiene basics that we know work. We know the consequences. As a society, we\u2019ve simply got to stop driving without our seatbelts in cyberspace.<\/li>\n<\/ol>\n

    A quick glance at cybersecurity headlines provides reinforcement why all of this matters. The threat landscape that I spend every day analyzing demands maximum vigilance<\/em>.<\/p>\n

    Whether it\u2019s vulnerabilities like Log4Shell, the ongoing ransomware threat, or our dynamic geopolitical environment (as our recently published research on a Russian-linked advanced persistent threat group<\/a> actively targeting Ukraine reinforces) \u2013 cybersecurity will undoubtedly remain a core pillar of our national security posture. Now, more than ever, this demands a whole-of-society approach.<\/p>\n

    If it feels like Log4Shell is just the latest in a string of vulnerabilities that the cybersecurity community must rally in response to \u2013 you are right. That\u2019s why it\u2019s important to look at Log4Shell both as a standalone vulnerability that demands discrete analysis, but also in the broader context of a rapidly evolving cyberthreat landscape. Log4Shell is not the first national-level vulnerability, and it certainly won\u2019t be the last.<\/p>\n

    Watch Jen\u2019s full testimony in this <\/em>replay of the hearing<\/em><\/a>. <\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

    Cyber operational collaboration is more important than ever for organizing effective responses to national-level vulnerabilities such as Log4Shell.<\/p>\n","protected":false},"author":89,"featured_media":153608,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[484,6724,6769],"tags":[8251,7191,6643,6074,586],"coauthors":[736],"class_list":["post-153607","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-government","category-points-of-view","category-public-sector","tag-apache-log4j-vulnerability","tag-collaboration","tag-cybersecurity-public-private-partnerships","tag-policy","tag-unit-42"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2022\/02\/Brainstorm.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/153607","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/89"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=153607"}],"version-history":[{"count":3,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/153607\/revisions"}],"predecessor-version":[{"id":153623,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/153607\/revisions\/153623"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/153608"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=153607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=153607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=153607"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=153607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}