The National Security Agency's Cybersecurity Collaboration Center helped mitigate major vulnerabilities in 2021 while serving as a critical hub for industry and government officials to collaborate on cyber initiatives in an unclassified setting, according to a new report.
The National Security Agency has spent the past year expanding partnerships with cyber agencies and key stakeholders to expose supply chain threats and mitigate vulnerabilities, according to a report the agency published this week.
The report, titled "2021 NSA Cybersecurity Year in Review," sheds light on some of the agency's classified operations to protect national security systems, the defense industrial base and the Department of Defense from increasingly sophisticated ransomware and cyberattacks.
The agency attributed many of its accomplishments in part to early collaboration with industry partners and the U.S. Cyber Command, the FBI and the Cybersecurity and Infrastructure Security Agency, as well as its Cybersecurity Collaboration Center, which operates as a hub for industry and government officials to collaborate on cyber initiatives in an unclassified setting.
The CCC revealed major threats potentially impacting DIB networks and national security systems in 2021, including when it disclosed critical vulnerabilities in Microsoft Exchange. Microsoft later credited the NSA with discovering the flaws.
Morgan Adamski, who heads the NSA Cybersecurity Collaboration Center, said public-private partnerships were crucial in mitigating vulnerabilities and preventing attacks.
"NSA has unique insights on cyber threats and nation-state actors because of our global signals intelligence mission. Likewise, the private sector has unique capabilities, preeminent research, and intellectual property we need to protect," Adamski said in a statement accompanying the report, adding: "We each only see part of the picture."
The agency released 23 public cybersecurity reports throughout the year in response to a series of high-profile ransomware attacks and cyber incidents, collaborating with one or more allied partners to produce at least 12 of those guidances, the report said.
NSA Cybersecurity Deputy Director Dave Luber said in a statement accompanying the report that those public guidelines "empower net defenders to prioritize endless patching and mitigation efforts against the most current threats and raise the cost on our adversaries by exposing their activities."