CISA - CyberSentry
Investment ID: 024-000009628
Overview
Program Title
CISA - CyberSentry
Description
CyberSentry is a Pilot Proof of concept activity developed to improve critical infrastructure security in alignment with CISA s goals. CyberSentry is intended as a service providing critical, cross-sector, real-time monitoring of both IT & ICS networks for detecting malicious threat actor activity on CyberSentry partner networks. The CyberSentry platform leverages existing detection signatures that can be deployed to non-federal detection systems. Once visibility is achieved, CISA can leverage the standing analytic methods and threat hunting techniques against the Critical Infrastructure data sets. Should CyberSentry be developed into a full CISA program, future models of operation and data sharing will be fully defined. CyberSentry could be a significant driver for supporting not only CISA CSD objectives but also enabling the National Risk Management Center and the Sector Specific Agencies with reports and insights derived from CyberSentry analysis.
Type of Program
Non-major IT Investments
Multi-Agency Category
Not Applicable