The Departments of Defense and Homeland Security are expanding their cyber sharing programs with the private sector. After a year-long pilot and several small expansions, the Defense Industrial Base (DIB) cyber security pilot is now available to all companies with a facility security clearance.
DoD has long-touted the success of the program, although it isn’t going into any details as to what, if any, threats have been prevented through the information sharing venture.
“What DOD shares with these companies is unclassified and classified cyber-threat information,” said Richard Hale, deputy chief information officer for cyber security. “The program is voluntary and … if the companies choose they can share cyber-incident data back with DOD, including samples of malicious code that the companies find in their networks.”
Companies interested in participating should go to the DIB Cyber Security/Information Assurance website to download an agreement and learn more details. Participation continues to be voluntary, and is not a requirement for cleared contractors. They’ll pay an Internet service provider a fee to scan their network for code the Department of Defense has deemed malicious.
It remains to be seen whether private companies will flock to the program. The success of the pilot flew in the face of previously held conventions concerning cyber attacks, especially in the private sector. In an effort to reduce risk of market loss or further reveal security vulnerabilities, most companies have been close-hold about hacks or cyber incidents. Only when forced by public scrutiny have many companies come forward, and even then, the details are rarely discussed.
In a world where everyone is vulnerable – from the FBI and CIA to major defense industry players and private companies – perhaps earlier concerns about revealing vulnerabilities have given way to a “need to share” cyber culture.
The cyber intel obtained through the information sharing partnership is only available to DIB companies who agree to have an Internet service provider scan their network, which may offer further incentive for others to come on board the newly expanded program.
Lindy Kyzer is the editor of ClearanceJobs.com. She loves cybersecurity, social media, and the U.S. military. Have a conference, tip, or story idea to share? Email firstname.lastname@example.org.