Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Architecture

Department of Defense Expands Information Sharing Initiative

Department of Defense Widens of Defense Industrial Base (DIB) Cybersecurity Information Sharing Initiatives

The U.S. Department of Defense, working alongside the U.S. Department of Homeland Security, announced on Friday that they would expand the availability of the cybersecurity information assurance program launched last year.

Department of Defense Widens of Defense Industrial Base (DIB) Cybersecurity Information Sharing Initiatives

The U.S. Department of Defense, working alongside the U.S. Department of Homeland Security, announced on Friday that they would expand the availability of the cybersecurity information assurance program launched last year.

The expansion will mean that all eligible Defense Industrial Base (DIB) companies can be added to the program. The DoD’s Voluntary DIB Cyber Security/ Information Assurance (CS/IA) Program was launched last year in order to strengthen the security posture of both public and private critical infrastructure.

For those unfamiliar, the Defense Industrial Base sector includes government and private sector organizations that perform research and development, design, production, delivery, and maintenance of military weapons systems, subsystems, components, or parts for the military. According to the Department of Defense, the DIB Sector includes tens of thousands of companies and subcontractors providing services and incidental materials to the DoD.

Department of DefenseThe reason for the program is simple in the DoD’s eyes; threats to the DIB’s information systems from the Internet present an “unacceptable risk of compromise of DoD information and pose an imminent threat to U.S. national security and economic security interests.”

As part of the CS/IA Program, the DoD provides DIBs with unclassified indicators and related, classified contextual information. From there, the DIBs can review or act on the contextual information as they wish to better address the threats they face. The DoD will also share mitigation measures to assist DIBs in their cybersecurity efforts.

In return for this, DIBs will report known intrusions and participate in damage assessments if needed. Moreover, the DIB is encouraged to report any cybersecurity event that may hold some interest to the other CS/IA Program participants if they choose.

Additionally, as an optional part of the program, the Government will provide classified threat and technical information to participating DIB Companies or their Commercial Service Providers (CSPs), in an effort to enable them to counter additional types of known malicious activity and to further protect Department of Defense program information.

“The expansion of voluntary information sharing between the department and the defense industrial base represents an important step forward in our ability to catch up with widespread cyber threats,” said Ashton Carter, deputy secretary of defense. “Increased dependence on Internet solutions have exposed sensitive but unclassified information stored on corporate systems to malicious probes, theft, and attacks. This expanded partnership between DoD and the defense industrial base will help reduce the risk of intrusions on our systems.”

Advertisement. Scroll to continue reading.

A wider overview of the program is available here here.

There are some basic requirements in order to take part in the CS/IA Program. A complete list of those essentials are listed here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Endpoint Security

Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.