The Defense Industrial Base (DIB) is a world of its own that operates as a living hub for companies to provide research and development and incidental materials. It also serves as a government-owned/contractor support system to help reach and maintain U.S military requirements.
REporting Cyber Incidents
If you’ve heard of Title 10 U.S. Code Sections 391 and 292, regarding the reporting of cyber incidents by Cleared Defense Contractors (CDCs) then you are most likely familiar with the Defense Federal Acquisition Regulation Supplement (DFARS 252.204-7012). This DFARS clause specifically outlines cyber incidents to be submitted to DC3/DCISE as mandatory reports; however, all other cyber activity can be reported voluntarily. What & Who is DC3/DCISE you ask? Sit back and allow me to take you on an adventure into cyber space.
The DoD Cyber Crime Center (DC3) is designated as a federal cyber center by National Security Presidential Directive 54/Homeland Security Presidential Directive 23, as a DoD center of excellence for D/MM forensics by DoD Directive 5505.13E, and serves as the operational focal point for the DoD’s Defense Industrial Base Cybersecurity Program (DIB CS Program; 32 CFR Part 236). DC3 has team members from Department of Air Force civilians, Air Force and Navy military personnel, and contractors for specialized support. One of the many directorates that sits inside DC3 is the Defense Industrial Base Collaborative Information Sharing Environment (DCISE). DCISE is the operational hub of the DIB CS Program that is focused on protecting intellectual property and safeguarding DoD content residing on, or transiting through, unclassified contractor networks.
Supporting the DIB
I had the chance to chat with Terry Kalka, Interim Director DC3/DCISE, for some insight into current products/services being offered to the DIB. We also discussed what DCISE can do for companies that do not qualify to be a part of the DIB but are taking on work that supports our DoD Warfighters. I also took the opportunity to ask how COVID-19 has impacted the industry and how resilient cyber has become in this new hybrid work environment so many of us find ourselves in.
“It’s so exciting for us to announce that we (DCISE) can now return to in-person events and get back in touch face-to-face with the DIB. It’s a different world now and we are very eager to be back and navigating new protocols in terms of covid preparation and managing data,” Kalka says. “One of our biggest bi-annual events, the Technical Exchange (TechEx) will be in person for the first time in 3 years.”
Because this event can be held in person, DCISE will be able to resume one of its highlights, comprised of classified briefs including Advanced Persistent Threats, Incident Response and Network Protection. “TechEx is right around the corner September 14-15 and will be hosted in Tysons Corner, VA, by one of our DIB partners. We will be able to offer a hybrid model for those wanting to attend remotely but recognizing some briefs they will have to miss out on given the classification level,” Kalka adds. “Each TechEx comes with a unique theme, and DCISE is proud to share this September theme will be Trailblazers.“
The DIB, government, and essentially the world has seen uncharted waters over the last few years. He reports: “We picked this theme as a way to honor that and to point out that as difficult as it has been, there are some major changes that have come up. New evolutions in cyber security and these are to be celebrated!”
As new evolutions have arrived for the cyber world, DCISE has been able to create some new products to reflect these types of changes. “We are excited to share a new pilot program called DCISE FIRE (Facilitated Incident Response Exercise). This pilot capability is a hands-on keyboard exercise resulting in a live experience for its participants with cyber incident response.” DCISE’s colleagues through SANS are going to lead the event and provide the software support for the program. “Some of our analysts are going to be participating as incident responders. They are seen as the SMEs, so it will be exciting to have industry also participating as it will be an excellent opportunity to collaborate with our industry leaders.”
Challenges for the DIB
The DoD also recognizes the challenges that face the DIB and industry partners, which is why places like DC3/DCISE have the capabilities to help and are eager to do so. If you are a cleared company DCISE encourages you to check out the DIB CS Program to see how you and your company can benefit. I just want to arm you with a few statistics to help give you situational awareness on the reach and impact this program has. Currently, the DIB CS Program has 980+ CDCs plugged into the program as members. Not only does DCISE have products/services free of charge to DIB CS members, but they also have a Non-Cleared Pilot Program that focuses specifically on companies that are not cleared but involved in work to support the warfighter. 30 non-cleared companies are participating in the pilot program.
“DOD CIO is continuing to push the agenda to have this be a full program and exit the pilot phase. Whether you’re a cleared company or not, get in touch with us and we will be happy to connect you with services available to you by the DoD. Because we have these capabilities it means that we are able to deliver on a promise that our DIB CS Program offers. It means we are able to deliver more accurate, tailored content and let me say it has been a breath of fresh air for our analysts and other team members to be able to provide cybersecurity support to the masses.”