Author's Note: BlackBerry acquired Cylance in February 2019. All references in this blog to the Cylance organization and its branded products and services utilize BlackBerry branding.
If anyone still needed convincing, the HAFNIUM, SolarWinds, and Colonial Pipeline cyberattacks have conclusively demonstrated the failure of a national cyber defense strategy that relies upon arms-length partnerships between government and industry. Now, there are encouraging early signs that this may be changing.
On May 12, 2021, President Biden signed an Executive Order that empowers the Department of Homeland Security (DHS) and its inter-agency partners to "modernize federal cybersecurity, expand information-sharing, and dramatically improve our ability to prevent, detect, assess, and remediate cyber incidents." According to Secretary of Homeland Security Alejandro Mayorkas, "Addressing these risks to our way of life is a shared responsibility that depends upon close collaboration between the public and private sectors." Among other initiatives, stakeholders from both sectors will participate in a newly established Cyber Safety Review Board charged with assessing government agency cyber readiness. The group will also be empowered to stand up a Cyber Unified Coordination Group to "coordinate the investigation and remediation" of cyber incidents that affect federal government networks.
These are still early days, and the challenges are immense. Only time will tell whether the order produces meaningful results or gets derailed by political infighting or bureaucratic entanglements. In the meantime, we should not neglect existing public/private sector partnerships with an established track record for aiding national defense. One example is In-Q-Tel™, a not-for-profit strategic investor that provides start-up funding for fledgling businesses developing cutting-edge technologies for U.S. government agencies.
A Private Industry Success Story
One of the most successful of In-Q-Tel's portfolio companies is BlackBerry OEM partner Bricata. Since its founding in 2014, the company has grown to become a leading provider of next-generation network detection and response (NDR) solutions. Today, Bricata's NDR is protecting not only the networks of U.S. intelligence and other government agencies, but also organizations such as Ecolab, Vanderbilt University, Cambridge Health Alliance, and many more.
One of Bricata's greatest strengths is its ability to detect and help mitigate malware in high-throughput enterprise networks. "We didn't have a malware scanning engine when we launched in 2014, although malware conviction was always on our roadmap," says Bricata Vice President Sales and Marketing Jason Moore. This became a top priority when cybercriminal and nation-state threat groups began ramping up the frequency and sophistication of their attacks on Bricata's government and enterprise customers. "We didn't want to build a malware scanning engine ourselves, so we began looking for an OEM partner," says Moore.
In February 2017, after assessing several candidates, Bricata announced plans to embed the BlackBerry® malware scanning engine into its network appliance and virtual solutions. "Thanks to BlackBerry, we've expanded from network security into cybersecurity," says Moore. "Our platform is now the single source of truth for network analysts, SOC analysts, incident responders, threat hunters, and forensics teams. The BlackBerry malware scanning engine has become one of the most crucial components of our platform."