The National Security Agency (NSA) is conducting a pilot program through a commercial managed service provider that provides secure domain-name system (DNS) services to a group of defense industrial base (DIB) companies.
The program stems from a partnership across Department of Defense (DoD) agencies, and is based on NSA analysis that found “using secure DNS would reduce the ability for 92 percent of malware attacks both from command and control perspective deploying malware on a given network,” according to Anne Neuberger, Director of Cybersecurity at NSA.
“We partnered with other elements in [the Defense Department] to roll out a commercial-managed service provider, essentially providing secure DNS services to a group of defense industrial base companies to say: ‘is that a model that can help kind of jumpstart their security particularly for smaller- and medium-sized companies that may not have the ability to invest the resources or the right skill personnel,” Neuberger said at the Defense One Tech Summit today.
Six weeks into the program, Neuberger says that the results have been “very, very successful,” while highlighting that DIB is a priority with its important role in helping to protect the U.S.
“We partner with our partners across DoD – for example the DoD CIO – to both really understand what actors might be doing to target the defense industrial base, and then a second core part of how to protect against it,” Neuberger said.
One of the pilot’s goals is to assist in identifying a secure DNS service provider, and then having DIB companies try the service. The next part of the pilot, Neuberger said, will document standards of what the DNS service looks like, and then to “enable any number of companies who can meet that standard to offer that service.”