The Center for Cybersecurity Policy and Law is building a new industry coalition called the Network Resilience Coalition which will focus on increasing the resilience of network hardware and software.
Software and hardware vendors expend significant time and effort to ensure that their networked products and services are developed with security by design and by default. They invest in providing updates and configuration guidance for these products over a period of years extending from initial release until scheduled end-of-life. Network operators expect and depend upon the reliability, uninterrupted availability, security, and resilience of these critical technologies. Upgrades, patching, configuration, and maintenance — even where necessary to address known exploitable vulnerabilities — can impose costs and risks of disruption, which must be minimized. The resulting tension between the imperative to operate the network and the need to maintain it can, over time, yield a security deficit.
Additionally, threat intelligence organizations in both government and industry have identified a significant escalation in nation-state sponsored campaigns targeting these known exploited in vulnerabilities in critical infrastructure networks, which underscores the urgency of a coordinated multi-stakeholder response.
The Network Resilience Coalition has formed out of a desire to address these issues in an open and collaborative way, and to help usher in a new paradigm of network hardware and software resilience. The work will foster an open and candid dialogue about the roles, expectations, and responsibilities of technology providers, security experts, network operators, and government leaders and yield real-world solutions to dramatically improve the security postures of the information and telecommunications networks that support our economic and national security.
The news release launching the NRC can be found here.
The news release on the Network Resilience Coalition report can be found here. A link to download the report can be found here.
Agenda for the Jan. 23, 2024 NRC Event Launching of Global Industry and Government Recommendations
Introduction: Ari Schwartz, Managing Director, Venable LLP
Keynote Presentation: Matthew Fussa, Chief Trust Officer, Cisco
Keynote Presentation: Nicholas Leiserson, Assistant NCD for Cyber Policy and Programs, ONCD
Industry Panel Resiliency thru Cooperation: Stephen Banghart, Project Manager, Venable LLP; Kathryn Condello, Senior Director, Lumen; Dr. Carl Windsor, SVP Product Technology and Solutions, Fortinet; Eric Wenger, Senior Director, Technology Policy, Global Government Affairs, Cisco Systems
Keynote Presentation: Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA
Closing Thoughts & Next Steps: Stephen Banghart, Project Manager, Venable LLP