By Keith Ibarguen
The cyber environment is evolving at an unprecedented rate, and therefore cybersecurity must do the same. The Biden administration recognized this with the release of its latest National Cybersecurity Strategy which highlights that the international, collaborative, economic, and technical elements of cyber must be addressed to continue to advance our collective ability to defend our computers, networks, and data.
Defending against the increased complexity of the cybersecurity landscape will require a whole-of-world approach where lessons and best practices, combined with data, tradecraft and resources are shared in real-time.
Cofense resonates strongly with this philosophy, being a full end-to-end email security company that places tremendous emphasis on threat intelligence sharing and collaboration. Combining a global network of more than 35 million people with artificial intelligence and machine learning, we have access to a dynamic and vast dataset of actionable, advanced threat intelligence to hunt, detect, and remove threats in real-time as they enter the email ecosystem.
Much like the United States’ National Cybersecurity Strategy, Cofense’s strategy is to leverage collaboration and information exchange from as broad a platform as possible and use it to defend in real-time.
Five Pillars of the National Cybersecurity Strategy: How Cofense Aligns
Pillar One: Critical Infrastructure
Core to this pillar is to not only collaborate across sectors, but also to ensure the providers of critical infrastructure have the tools and controls in place to be successful. This requirement will trickle down to vendors as well, who must adhere to new controls, requests for software bills of materials (SBOMs), explanations of software provenance, patching and other overarching controls. Regulations to make our cyberspace more resilient are important, but they must be grounded in reality and truly contribute to the security of the system in question.
Critical Infrastructure must take full advantage of globally known threat intelligence, but also requires knowledge of threat information coming directly to that industry or company. It is the combination of crowdsourced intelligence and local intelligence, paired with technology able to leverage that combined knowledge in real-time, that can make the difference.
How Cofense Aligns
The Cofense Global Intelligence Network utilizes real-time, crowdsourced insights from millions of users around the world to automatically remove attacks first seen by other Cofense customers, block attacks that have never been seen before, and utilize the power of automated technology without the worry of false positives. Powered by unique intelligence sources, including crowd-sourced human generated intelligence, trained artificial intelligence, and intelligence generated by our core of professionally trained email analysists, we are dedicated to sharing actionable insights with customers to help defend the enterprise.
Pillar Two: Disrupt and Dismantle Threat Actors
The federal government has tremendous capabilities used for the disruption of malicious activities. However, the private sector, and in particular the parts of the private sector that are global themselves, are unique places for adversary detection and thus tremendous opportunities for disruption.
How Cofense Aligns
Cofense is a global company, one that sees emerging threats in real-time, and has the ecosystem to enrich this information and deliver it where it can be most effective. Threat training through simulations of real phishing attacks plays a big role in this, where a well-informed community can provide a wealth of emerging threat data. Cofense has a wealth of the latest email threats that is leveraged as training material for detecting the next threats. These capabilities are directly aligned with Strategic Objective 2.2: Enhance Public-Private Operational Collaboration to Disrupt Adversaries, as well as Strategic Objective 2.3: Increase the Speed and Scale of Intelligence Sharing and Victim Notification.
Another focus for Cofense is strategic objective 2.5: Counter Cybercrime, Defeat Ransomware. Most breaches that result in ransomware originated in email. Protecting against exploitation of that threat vector is a leading step to reducing ransomware attacks and other attacks that can compromise your business.
Pillar Three: Shape Market Forces to Drive Security and Resilience
Pillar three is focused around ensuring there is clear incentivization to developers and stewards of software and data to be accountable for the security of their products.
How Cofense Aligns
Cofense builds software and services geared around ensuring protection. The software itself must be trustworthy for this endeavor to be successful. We are committed to developing software to the highest NIST and federal standards, with solutions authorized and available in the FedRAMP marketplace. The Cybersecurity Strategy puts an emphasis around building safe-harbor frameworks for software development, extending the existing frameworks over time as technologies advance. Cofense builds software to these frameworks and will continue monitoring and evolving in step with these standards.
Pillar Four: Invest in a Resilient Future
The current generation of products, services, and personnel, struggle to keep pace with new technical offerings as well as emerging threats. Investment in people, both STEM as well as general computer users, will reap great benefits in the future.
Pillar four focuses on both the human factor of resiliency, as well as the need to shore up the foundations of the internet such that we are no longer relying on an aging and difficult to defend environment. Federal research into how to do this will be critical, and extremely broad in nature, but it will be grounded in the Nation’s ability to bring a technical workforce to bear on these hard problems.
How Cofense Aligns
Strategic Objective 4.6: Develop a National Strategy to Strengthen Our Cyber Workforce is at the core of this pillar, and Cofense is committed to hiring and growing the best talent we can to tackle these emerging threats. For instance, Cofense employs a wide range of analysts in our intelligence team with diverse specialties, where intra and cross team pollination, collaboration, and mentoring occurs daily. And this job is critical to the National Strategy, since it is serving to protect companies that fall into the category of Critical Infrastructure. These companies benefit from the collective knowledge of all our Cofense customers, and thus contribute to both the collective knowledge, and the depth of the cyber talent pool.
Pillar Five: Forge International Partnerships to Pursue Shared Goals
How Cofense Aligns
This critical pillar is directly in line with Cofense and what we bring to the global cybersecurity ecosystem. Every day, Cofense is taking threat data that is coming from around the world and leveraging it to protect all. In many ways, this can be thought of as a follow-the-sun threat process; however it happens day and night. The bottom line is, through mindful threat sharing and continuous evolution to new vectors and tradecraft, Cofense is securing the email ecosystem globally.
There are other important elements to this pillar as well. Cofense is involved and participating with critical international members and participants involved in global security. These agreements are critical to enable the international communication channels that will distribute threat information between partnering nations.
It is through participating in these activities with organizations and individuals developing the policies, engaging across international lines, and expanding the impact of the Cofense ecosystem that will help us make great strides in maximizing how the world leverages Cofense intelligence, thus helping secure our critical email systems.
Conclusion
Cofense is a global email security vendor that leverages the power of a network of humans, distributed around the world, and combines that human-sourced intelligence into a threat feed that continually evolves to keep ahead of emerging tradecraft. This threat feed is then turned into action that proactively defends email systems from existing and emerging attacks.
Cofense is committed to keeping apprised and involved with emerging cybersecurity policies and strategies from around the globe. The United States National Cybersecurity Strategy, as it has evolved over the years, provides a critical forcing function to the maturation of cyber not just at home, but across the globe. It provides much-needed leadership to the world in how to evolve, and Cofense is committed to contributing to this strategy in many constructive ways.
