The Cybersecurity and Infrastructure Security Agency (CISA) is collaborating with a national laboratory with the Department of Energy (DoE) to come up with a cyber risk framework to help identify the latest cyber threats facing the country’s critical infrastructure, Federal News Network reported Tuesday.
Daniel Kroese, acting deputy assistant director of CISA’s National Risk Management Center, said the National Critical Functions Risk Architecture is a big data platform that will help determine some of the “common pathways” of cyber attacks on telecommunications, finance, energy and other sectors.
“The results of your analysis on there, perhaps we could print out, but I couldn’t just press print on the entire NCF Risk Architecture, because it’s really kind of a big-data, multi-vector solution of stitching together different relational data points and nodes of risk factors across the critical infrastructure community. I think it’s pretty distinct, but certainly not competing in terms of being helpful for resilience for connected systems,” he said of the NCF Risk Architecture during a virtual cybersecurity conference Tuesday.
Kroese said the new framework is part of CISA’s efforts to address areas of “concentrated risk.” He also shared his insights on software assurance and CISA’s work on a vulnerability disclosure platform.