The Defense Information Systems Agency, National Security Agency and Defense Department Chief Information Officer have launched a new collaborative effort that will aim to constantly update cybersecurity architectures across the DoD Information Network infrastructure.
DISA said Monday the Non-secure Internet Protocol Router Network and Secret Internet Protocol Router Network Cybersecurity Architecture Review — also dubbed NSCSAR — will compare current cybersecurity technologies against a threat framework to determine adversaries’ techniques.
“NSCSAR is trying to answer three questions, which cybersecurity solution do we need, how much is enough, and where can we take risk?” said Pete Dinsmore, DISA risk technology executive.
“We’re taking an adversary perspective, looking at our defenses the way an adversary does and saying ‘Where can we mitigate the adversary and where are we having difficulties?’” he added.
Dinsmore further noted NSCSAR will be updated every 90 days to help address new vulnerabilities and threats in the environment and foster a reactive approach.
NSCSAR completed the first 90-day cycle in April and is scheduled to fulfill a second period in June 30, DISA noted.
NSCSAR will work to supply information for decision-makers across areas of budget, portfolio management, and DODIN architecture, DISA said.
The agency added the cybersecurity framework aims to regularly publish recommendation, affirmation and observation reports for stakeholders.