From: FierceGovernmentIT
By David Perera
he Defense Department finalized regulations Oct. 22 for its cybersecurity threat sharing program with defense industrial base companies, making no changes to an interim final rule published in May 2012.
Under the DIB Cyber Security and Information Assurance Program–first implemented as a pilot project in 2011–defense industrial base companies storing or transiting unclassified defense information can participate in the program, under which they report to the DoD cyber intrusions and receive back threat information and information assurance advice.
Finalization of the rule is a precursor to its expansion to hundreds of more companies, a former administration cybersecurity official said.
In 2012, the Homeland Security Department stood up a related program, then known as the Joint Cybersecurity Services Pilot, now known as the Enhanced Cybersecurity Services program. ECS in turn greatly expanded under the cybersecurity executive order signed by President Obama in February to become a way for the federal government to share threat data with all critical infrastructure sectors, not just the defense sector.
Part of the creation of the JCSP/ECS program involved the Defense Department handing off Internet service provider firms that had participated in its program to DHS as part of an administration policy that emphasizes DHS primacy in domestic cybersecurity.
Leave a Reply