Page 164 - Cyber Defense eMagazine Annual RSA Edition for 2024
Organizations, even large, well-resourced ones, cannot contend with the sheer scale of today's
sophisticated threat actors without help from private, public, and industrial sector entities. This
shortcoming was the impetus for the Cyber Incident Reporting for Critical Infrastructure Act of 2022
(CIRCIA). This act only applies to owners and operators of our nation's critical infrastructure, but its
impact will be a game-changer for the entire cybersecurity community. When fully enacted, it will improve
the understanding of cyber threats, spearhead more coordinated responses against them, and help
spot adversary campaigns earlier in the attack lifecycle.
The cybersecurity community must grapple with the reality of continuous attacks that only worsen over
time, especially as organizations embrace more complex IT infrastructure involving multiple cloud assets and SaaS
solutions. With IT resources now located in the cloud and away from the protection of on-premises
security solutions, it is essential to adopt a modern security strategy that extends connectivity to wherever
critical business resources exist. Secure Access Service Edge (SASE) is a business modernization
strategy that meets the moment. This security concept was introduced in 2019 by consulting firm Gartner
and has since become one of the most dependable security solutions for modern enterprises. It brings
network security together with software-defined wide area networking (SD-WAN) functions to protect
against a wide range of new threats. It offers a unified way to address various cyberattacks without
compromising connectivity.
Applying a successful defense strategy to cybersecurity
The principle of collective defense is not new; it is at the core of NATO's founding mission. It remains a
unique and enduring treaty that commits NATO member nations to work together towards a common
goal. Collective defense offers a similar mission for CIRCIA member organizations in their ongoing battle
against nation-state actors and cyber criminals who aspire to operate inside and disrupt critical business
ecosystems.
Collective defense is based on a principle of continuous collaboration, sharing of threat intelligence, and
coordinated response actions among member organizations to identify and defeat cyber threats. It is a
force multiplier that leverages analytic skills from across the public, private, and industrial sectors to
defeat the many shared challenges. Cooperation amongst member organizations provides what some
view as a long-range radar of cyber threats. Member organizations can use this information to inform
their threat detection and hunting efforts based on understanding active threats external to their networks
that may soon attack their business enterprises.
Essentially, collective cyber defense is a team sport. It is a collaborative cybersecurity strategy that
requires member organizations to share real-time threat intelligence, regardless of sector or
industry, to defend against targeted cyber threats. To be successful, it must establish incident reporting
requirements, threat intelligence sharing requirements, and incident response capabilities similar to those
championed by CIRCIA.