DHS takes key role in DOD cybersecurity program

The Pentagon’s Defense Industrial Base (DIB) Cyber Pilot, first outlined last July by then-Deputy Defense Secretary William Lynn, has given the Homeland Security department an expanded role; DHS  will take over communications with private Internet service providers. The ISPs are a critical part of the pilot program, responsible for filtering incoming e-mails of DIB participants.

DIB, overall, is a voluntary partnership between DOD and the contractors supporting it in order to combat cyber threats.


Related story

DOD releases 5-point cyber defense plan


With DHS now in on the program, it’s evolved into the Joint Cybersecurity Services Pilot (JCSP), according to a DHS privacy assessment.

“The JCSP seeks to build upon the DIB Opt-In Pilot and allow DHS, through the National Cyber Security Division U.S. Computer Emergency Readiness Team, to share indicators and other information about known or suspected cyber threats directly with [commercial service providers] to enhance the protection of JCSP participants, including certain DIB companies and any participating federal agencies,” the DHS assessment stated.

According to a NextGov report, DOD will continue to oversee communications with the contractors participating in the program.

There’s been talk of expanding the pilot since it was first rolled out. In his announcement Lynn said expansion of the program would be possible once an assessment of the program had been conducted.

That assessment has now been completed – with mixed reviews, according to a Washington Post report on the study’s findings, which have not been made public.

The initial leg of the pilot program has demonstrated the viability of information-sharing among private companies and government agencies, according to the Post report. It has also showed ISPs are capable of handling the classified National Security Agency-provided intelligence being used among participants, including NSA signatures of malicious code, which are the fingerprints of potentially dangerous malware.

But the program hasn’t proved effective in staving off cyber attacks that participants could have prevented themselves without the shared data. For example, of the 52 malicious activity incidents detected during the test run, only two were found using NSA’s data, the report stated.

“Unfortunately, the report on the DIB Pilot Program highlights one of my continuing points, that there is no silver bullet in cybersecurity,” Rep. James Langevin (D-R.I.), co-founder of the Congressional Cybersecurity Caucus, said in a statement. “Signature-based defenses alone will never be enough to secure our defense contractors, our classified networks or our critical infrastructure. We need a comprehensive approach to cybersecurity that incorporates innovative information-sharing arrangements with industry, while also boosting our capabilities for our own defenses and those who manage our critical infrastructure.”

While the pilot program is expanding by bringing DHS into the fold, it appears no new companies have been added. When Lynn announced the program last summer, he said the pilot comprises less than two dozen commercial defense companies with which DOD shares classified threat intelligence.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1986, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group