CISA Seeking New CyberSentry Program Partners

Jermaine Roebuck, associate director of threat hunting for the Cybersecurity and Infrastructure Security Agency, said the organization is looking to partner with additional critical infrastructure entities that operate systems supporting national critical functions under the CyberSentry program.

CyberSentry provides partners with threat detection capabilities and cyberattack mitigation guidance and allows them to receive sensitive information earlier than the broader cybersecurity community to quickly respond to threats. CISA integrates its own hardware and software stack into partner systems to gain visibility into their information and operational technology networks, BankInfoSecurity reported.

The program conducted case studies involving, among other things, the identification of malware, infected OT equipment, malicious activity and attacker exfiltration. Roebuck said CyberSentry’s information-sharing feature helped CISA analysts identify partners affected during the Colonial Pipeline ransomware attack, enabling rapid threat response.

Defending U.S. critical infrastructure networks through enhanced public-private collaboration is included in the White House’s 2023 National Cybersecurity Strategy. 

CISA highlighted the importance of deploying advanced cybersecurity capabilities for such networks, citing cyberattacks that are becoming more common and more dangerous.