Broadcom Software & the U.S. Government: Partners on Cyberdefense

I recently visited Washington, D.C. to meet with policymakers and government customers to talk about the future of cybersecurity. Broadcom Software solutions secure digital operations across the federal government, and our Global Intelligence Network (GIN) evaluates and shares insights on the ever-evolving cyberthreat landscape with U.S. law enforcement and intelligence agencies to ensure the safety and security of our critical infrastructure customers and the cyber ecosystem.

During my visit, I had the honor of meeting two superb public servants working to secure our global information technology infrastructure: National Cyber Director (NCD) Chris Inglis and Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly. President Biden could not have selected two more talented and experienced leaders to work closely with the world’s leading IT security companies and IT-dependent government agencies that comprise our virtual and physical critical infrastructures.

JCDC Collaboration

It can’t be overstated: without public-private collaboration to secure our critical virtual and physical networks, economies and governments around the world would be at the mercy of bad actors. It’s in that commitment of collaboration to better protect critical infrastructures that I was proud to be nominated by the President of the United States to serve on the National Security and Telecommunications Advisory Committee (NSTAC), and why Broadcom Software was honored to accept Jen Easterly’s invitation to be one of the first private sector “alliance members” in CISA’s Joint Cyber Defense Collaborative (JCDC).

Formed in August 2021, the JCDC is an action-driven forum that brings together federal agencies and the private sector to strengthen the nation’s cyberdefenses through better planning, preparation, and information sharing. The JCDC showed quickly it could make a difference: In February 2022, our threat hunters uncovered Daxin, a sophisticated malware being leveraged as an espionage tool. We discovered that Daxin was targeting foreign governments that were not our customers. Thanks to our engagements with CISA through the JCDC, we informed the CISA team of the threat, and they connected us with the appropriate officials from the targeted foreign governments. Together, we were able to detect the malware and remediate infected computer systems. Jen and the CISA team also issued a Current Activity alert that linked to a Broadcom-published blog, alerting other government and critical infrastructure networks about Daxin.  

The Future

Given the success of the JCDC, and Broadcom’s overall engagement with the federal government, you can imagine how thrilled and honored I was to meet Chris and Jen in person and talk about additional ways we can deepen an already creative, collaborative, and productive partnership.

As the NCD, Chris and his team are developing a national cyber strategy that they will be presenting to the President later this year. Chris has written that to better protect the cyber landscape, we will need to shift the burden away from individual end-users of IT products toward larger, better-resourced private and public organizations. Rather than leaving it to end-users to find and add security to the IT products and services they use on their own, Chris would like to see security developed and integrated into the overall IT infrastructure more holistically.  Broadcom Software has already undertaken a number of initiatives designed to build-in security in the development, implementation, and maintenance of our products, ranging from supply chain hardening to Zero Day prevention and notification.  Not every vendor takes these types of proactive measures, which presents policymakers with important questions on whether it’s better to regulate or to incentivize this shift, or to use a combination of both. While there are no straightforward answers to these questions, Broadcom Software will continue to offer safe and secure products.

Chris and Jen also have been tremendous advocates to promote private and public initiatives to build a stronger cyber workforce.  And they are taking steps to do something about it.  The most important assets essential to the security of IT networks and law-abiding nations are the talented professionals who make cybersecurity their cause and calling. Yet, skilled IT workforce shortages require both expanding and upgrading our overall talent pipeline, as well as improving communications between and within governments and the private sector. Jen has been highlighting CISA’s Cyber Innovation Fellows initiative, where private sector employees can be “detailed” to CISA part-time for up to six months to better understand CISA and work to build stronger relationships between the public and private sector. Jen was inspired by a similar program run by the National Cyber Security Centre (NCSC) in the UK, which has been enormously successful.  And Chris recently hosted the National Cyber Workforce and Education Summit at the White House, which focused on building our nation’s cyber workforce by improving skills-based pathways to cyber jobs and educating Americans so that they have the necessary skills to thrive in our increasingly digital society.

While these are important initiatives, what resonated with me most in our meetings is the value of Broadcom’s partnerships with the public sector, and especially with leaders like Jen and Chris and their exceptional teams. Meeting them during my visit was an important milestone for Broadcom Software, but more meaningful to me and our team is the continued collaboration and positive impact we will have going forward to protect critical infrastructures across government and industry.