Common Threads Fort Meade: Cyber Threat Sharing

December 6 to 7, 2022 Annapolis Junction, Maryland

INSA and the Fort Meade Alliance hosted a two-part program, Common Threads Fort Meade: Cyber Threat Sharing, on December 6 and 7. 

At our unclassified reception on December 6, 2022, the National Security Agency’s (NSA) Kristina Walter, shared insights on the importance of government-industry collaboration on cyber threat intelligence with INSA members near Fort Meade. Walter, the Chief of  Defense Industrial Base Cybersecurity for the Agency’s Cybersecurity Collaboration Center (CCC), explained the ways in which the Agency shares information to defend both large and small companies in the Defense Industrial Base (DIB)


Information sharing is critical as government and industry see different aspects of foreign threats; NSA and other intelligence agencies have insights into adversaries’ plans and intentions, but DIB companies see the actual means of attack. The CCC serves as a focal point for public-private collaboration in which NSA and its industry partners can share insights before a compromise occurs and thereby enhance network defenses. With its proactive, unclassified, real-time engagement of industry partners, the CCC represents a significant change from previous information-sharing efforts, in which only a small number of organizations with highly cleared staff could benefit from classified reporting on foreign threats.

While it would appear logical for CCC to work principally with large prime contractors, adversaries are known to target and exploit smaller companies that have fewer cybersecurity capabilities. Given the breadth of national security partnerships and supply chains, an unaddressed vulnerability at a single small firm can compromise complex programs of significant importance. The CCC has thus undertaken several efforts to scale its industry outreach across hundreds of thousands of companies in the DIB.

  • First, while it does work directly with large DIB contractors and a range of smaller partners, the Center shares critical cyber threat intelligence with the cyber infrastructure providers that DIB companies rely on, such as internet service providers (ISPs) and providers of cloud computing and firewall services. Such outreach enables attacks to be blocked at hundreds of million end points across the internet infrastructure -- before they reach U.S. companies.
  • Second, the CCC engages small businesses by providing free cybersecurity services that NSA tailors to counter adversary tactics, such as protective DNS services that block known malicious IP addresses. This outreach enables companies to benefit from NSA’s intelligence without having to access classified information.
  • Third, CCC provides free vulnerability scanning so companies can identify their public-facing attack surface, patch software, and strengthen credentials.
  • Fourth, CCC pushes tailored alerts to DIB companies and their service providers that encourage them to fix weaknesses that adversaries are known to exploit. 
  • Finally, companies are able to engage CCC analysts directly through dedicated Slack channels and by co-locating staff at unclassified CCC facilities at which NSA and DIB analysts share information in real-time