CIO Bulletin

Transforming cybersecurity through collective defense—IronNetInc

Today’s treat and digital risk landscape stretch far beyond any single entity’s comprehension. Often functioning as islands with the occasional outside data, financial institutions, healthcare organizations, webmail providers, tech companies, utilities, and everyone is constantly bombarded with cyber threats.

In the past, the popular movie-based version of a hacker appeared in the form of a scrawny young evil genius sitting in a dark basement. However, the modern cyber threat landscape has witnessed the menace of highly organized and resourceful cybercrime groups, often supported by nation-states, targeting private and public sector organizations. This has created the need for organizations to implement a collective defense model for cybersecurity to thwart such advanced threats instead of merely following a reactionary approach: collective defense.

The concept of collective defense is not entirely new. It had come into play frequently throughout world history when allies joined forces to overcome common enemies. In the modern context, the collective defense cybersecurity strategy has gained popularity due to the similar dynamics that play out with state-sponsored actors and the variety of attack vectors they use to target organizations.

When critical infrastructure or services used by numerous organizations get struck by destructive cyberattacks, such incidents can cascade effects across many organizations and business operations. One of the leading companies to provide cybersecurity through collective defense is IronNet. IronNet Cybersecurity is a global cybersecurity leader revolutionizing how enterprises, industries, and governments secure their networks. IronNet takes the skills of its top-notch cybersecurity operators with their real-world, public and private sector, offensive and defensive cyber experience and integrates their deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the industry today.

Collective Defense: empowering cybersecurity through collective effort

A few years ago, when Gen (RETD) Keith Alexander witnessed his 16 grandchildren scattered throughout his house playing the game Fortnite, he realized something: Even if they had been playing from their respective homes, they would have still been collaborating and strategizing, just as effectively, to survive on the island. This was collective defense at work.

“When it comes to defending against cyberattacks, we need to battle as a team. I don’t mean to imply that Collective Defense for cybersecurity is child’s play, a game,” Alexander says. Unfortunately, several significant cyberattacks over the past year, including the SolarWinds incident and the Colonial Pipeline ransomware shutdown, suggest otherwise. But we can look to the underlying aspects of this collaborative approach to change the current cybersecurity playing field, which simply isn’t working.

Based on his experience with the US Cyber Command, Alexander says that the offense always won by actively creating new exploits, constantly modifying malware, massively scaling at an almost unimaginable level, and escalating to nation-level attacks employed by Russia, China, Iran, North Korea — and many other rogue, non-nation state actors.

Cybersecurity defense that brings together organizations, states, and nations in a real-time network to defend against cyberattacks is the only way to compete against these adversaries and rampant ransomware gangs that just won’t quit.

Alexander’s commitment to the Collective Defense mission is even more profound today than when he and his co-founders first set out to build IronNet in 2014. They now have significant like-minded customers onboard who have joined the mission, including energy leaders such as Southern Company and American Electric Power, financial firms such as NBH Bank, and a sovereign wealth fund with a $300 billion portfolioof MSSP partners such as ITC Secure.

The critical elements of IronNet’s Collective Defense

As the cyber “safe zone” is shrinking every day, IronNet says we can defend it with the following elements:

Network detection and response (NDR) based on behavioral analytics

Let’s face it: false positives are the bane of every SOC operator’s existence. Behavioral analytics driven by machine learning can improve detection efficacy, but math alone is not enough. We need human intuition and insights augmented by world-class AI and ML techniques to be effective. IronNet’s Collective Defense draws on an expert system that takes the experience of some of America’s top cyber defenders and combines those insights with advanced AI/ML. With these capabilities in a highly scalable NDR system, cyber defenders can keep up with determined cyber adversaries with almost unlimited budgets and time to attack enterprises every day.

Leading collective defense based cybersecurity into the future

Just listed as a public company IronNet is scaling this mission in the US and globally. Defending as a unified front is the only way to turn the tides back in favor of progress and prosperity brought on by innovative digital transformation. Cyber adversaries share attack methods, tools, and insights to improve their offensive capabilities. Isn’t it time that cyber defenders do the same?

Defenders currently work together, but unfortunately, this often happens in an ad-hoc manner with a small subset of individuals. What if we could collaborate at scale? That is what Collective Defense aims to do: to enable communities of public and private companies within a supply chain, industry, state, or nation to work together against a threat in real-time.

The ability to pool knowledge and leverage shared insights improves cyber detection and risk mitigation for the Collective Defense community. It prevents the attacker from reusing the same TTP to “cherry-pick” enterprises individually as they do today. Anonymously sharing these insights with the government allows the government to take action against that threat at the national level to neutralize or lessen the impact of the threat on enterprises under their jurisdictio

Revolutionizing cybersecurity through collective defense

General (Ret) Keith Alexander is the Founder, Chairman & Co-CEO and President of IronNet Inc. He provides strategic vision to corporate leaders on cybersecurity issues by developing cutting-edge technology, consulting, and education/training.

General Alexander is a four-star general with an impressive 40-year military career, culminating in the role of the Director of the National Security Agency (NSA) and Chief of the Central Security Service (CSS) from 2005 to 2014. Congress appointed him the first Commander to lead the US Cyber Command (USCYBERCOM).

He holds a BS from the US Military Academy, an MS in Business Administration from Boston University, an MS in Systems Technology and an MS in Physics from the Naval Post Graduate School, and an MS in National Security Strategy from the National Defense University.