The NCX Concept
NCX, formerly WCX (Western Cyber Exchange), is a non-profit, member organization dedicated to improving cybersecurity and protecting critical infrastructure by sharing cyber threat information, providing education and workforce development, technology development, and supporting member cybersecurity needs.
Cyber Threat Sharing and Analysis
NCX provides cyber threat intelligence, alerts, and threat information via the Cyber Threat Center (CTC) dedicated platform. NCX gathers threat intelligence and information from a variety of sources with the key source being the Department of Homeland Security (DHS), National Cybersecurity and Communications Integration Center (NCCIC). NCX entered into a Cooperative Research and Development Agreement (CRADA) with DHS in mid-2015 to become an Information Sharing and Analysis Organization (ISAO) and in early 2016 added Automated Indicator Sharing (AIS). NCX includes a number of commercial and open source resources for gathering threat information and this will be broadened with time. NCX is capable of passing digital data to members who can receive it and expanding and automating this process is a priority within the NCX plan. Alerts and warnings will be issued to all members via varying means encrypted e-mail and mobile app messages.
NCX works with universities to give students at all levels real-world, hands-on experience and provides them the opportunity to participate in a number of exercises and other training events. Partnerships with academies and other institutions have been formed and will expand in the future. NCX will not compete with any university or institution but will partner with them to make the student experience better. In addition, NCX will provide a class for the “Cyber Citizen” which will include the entire workforce from the new recruit to the C-Suite. Certification training can and will be provided as needed.
Technology Development and Research
Much needs to be done in the cyber domain – both to achieve cybersecurity and the ability to protect our critical infrastructure; and to develop and apply ‘productive cyber applications’ for advanced manufacturing, smart energy, healthcare, and many others. These will become the pillars of our global competitive advantage and, in turn, our health and quality of life. Within the cyber threat sharing arena, future ISAOs will gather data from multiple sources, eliminate duplication, prioritize threats, and digitally transfer actionable information directly to the member’s IT security infrastructure and will automatically share these digital files with other ISAOs throughout the United States. Little of this is available now, but with research the landscape will change rapidly. With regard to productive applications in the cyber domain, NCX will support application centers of excellence in multiple industries with fundamental research, test and evaluation, and a deep understanding of the nature and behavior of cyber threats.