The Defense Department is expanding its voluntary information sharing program to help protect sensitive information stored on unclassified industry computers.
Formally titled the Defense Industrial Base (DIB) Cyber Security/Information Assurance (CS/IA) Program, the effort, in partnership with the Department of Homeland Security (DHS), is now available to all eligible industrial base companies, according to a department statement.
Center for Strategic and International Studies Senior Fellow James Lewis said he believes that DoD is moving closing to obligating companies to participate in the program.
“DoD can make companies cooperate by saying ‘In order to do business with DoD, you must do certain things’ like improving network defenses,” Lewis said recently in a phone interview. “It’s voluntary, sure, as long as you are willing to give up doing business with them.”
DoD is actively engaged in multiple efforts to foster mutually beneficial partnerships with the industrial base to protect Pentagon information residing or passing through industrial base systems, according to a statement.
Under the program, DoD provides participating DIB companies with unclassified indicators and related, classified contextual information, according to a DoD fact sheet. DIB companies can choose whether to incorporate the indicators into their own traffic screening or other security tools and they can review or act on the contextual information as they wish to better address the cyber security threats they face, according to the fact sheet.
Participating companies also report known intrusion events to the government and may participate in government damage assessments, if needed, the fact sheet said.
“Increased dependence on Internet solutions have exposed sensitive, but unclassified, information stored on corporate systems to malicious probes, theft and attacks,” Deputy Defense Secretary Ashton Carter said in a statement. “This expanded partnership between DoD and the defense industrial base will help reduce the risk of intrusions on our systems.”