This CISA Program Blocked Over 1B Threats to Critical Networks
The agency processes more than 3 billion DNS queries daily with a cyber program that is fortifying network resiliency across government.
The Cybersecurity and Infrastructure Security Agency (CISA) is scaling threat intelligence and fortifying network resilience with its Protective Domain Name System Resolver service in use across federal agencies, hospitals, schools and local utility facilities, officials said this week.
The program protects critical networks by blocking billions of Domain Name System (DNS) queries daily across all federal civilian executive branch agencies, officials said. To achieve this mission, CISA is leveraging industry partnerships and Cloudflare to tap into the scalability of Amazon Web Services’ GovCloud, according to Protective DNS Service Product Manager Christopher Villas.
“The system processes over 3 billion DNS queries a day and has provided over 700 billion blocks,” Villas said at the AWS Summit in Washington, D.C., Wednesday. “The scale that we’re operating at to generate passive DNS on over 3 billion records a day just wasn’t possible without this cloud-native solution.”
With a cloud-first architecture and AWS to host the management application, the program enables CISA to use several sources of threat intelligence, which has enhanced incident detection and response capabilities.
CISA and its parent agency, Department of Homeland Security, are also leveraging the data platform to obtain DNS traffic from all agencies, simplifying the process to find trends impacting the entirety of the federal government, rather than one agency at a time.
Villas said that the service was first piloted by critical infrastructure partners across the U.S. with a focus on health care, water utilities and power generation.
In less than two years, the program has enabled major enterprises to scale rapidly and meet evolving data storage needs effectively, benefiting over 110 agencies, Villas said.
“Transitioning off the legacy service to Protective DNS was a significant level of change for the [U.S. Postal Service], [the Department of Veterans Affairs] and [the Department of Health and Human Services],” Villas said. “But with the program’s new abilities, these large enterprises with complex setups that have multiple subcomponents can use the services for their own benefit.”
With the surge of cyberthreats from espionage groups like Volt Typhoon, Villas emphasized the growing rate of private-sector partnerships that are using Protective DNS. He explained that many organizations are seeking to deploy the program to obtain the same level of defense given to federal agencies.
“These entities are under attack from adversaries that are also targeting the federal government,” Villas said. “We were really thrilled to be able to bring and scale this [program] to accommodate an entirely new customer segment that’s under a significant threat.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
GenAI Remains Top Focus for Public Sector IT Leaders
Federal leaders say generative AI is showing promise for efficiency in multiple use cases and sectors, including cancer research.
5m read -
This Partnership is Tackling Federal Zero Trust, Cloud Security
Industry leaders share insights on the critical role industry partnerships have in enabling government agencies to navigate procurement challenges for cloud and zero trust solutions.
16m watch Partner Content -
Effective Cloud Governance Balances Innovation, Security
ULA and AWS leaders discussed strategies for secure cloud adoption, emphasizing effective permissions to balance innovation and security.
2m read -
CBP Leads Federal Post-Quantum Cryptography Work
The agency began its post-quantum cryptography migration two years ago and thinks others would benefit from its lessons learned.
4m read