Sharing Intelligence Helps Contractors Strengthen Cyber Defenses

BALTIMORE, Aug. 16, 2011 — A new pilot pro­gram in which the Defense Depart­ment shares clas­si­fied threat intel­li­gence with defense con­trac­tors or their com­mer­cial Inter­net ser­vice providers is show­ing promise in increas­ing their cyber defens­es and pre­vent­ing ene­my intru­sions into sen­si­tive gov­ern­ment net­works, Deputy Defense Sec­re­tary William J. Lynn III said today.

Deputy Defense Secretary William J. Lynn III
Deputy Defense Sec­re­tary William J. Lynn III address­es about 2,700 par­tic­i­pants at the Defense Infor­ma­tion Sys­tems Agency’s Cus­tomer and Indus­try Forum at the Bal­ti­more Con­ven­tion Cen­ter, Bal­ti­more, Aug. 16, 2011. Lynn’s dis­cussed the threats of cyber war­fare in the dig­i­tal age.
DOD pho­to by R.D. Ward
Click to enlarge

Lynn shared ini­tial find­ings of the Defense Indus­tri­al Base Cyber Pilot with atten­dees here at the Defense Infor­ma­tion Sys­tems Agency’s Cus­tomer and Indus­try Forum.

About mid­way through the 90-day pilot, launched in part­ner­ship with the Home­land Secu­ri­ty Depart­ment, Lynn said the pilot is bear­ing fruit among about 20 par­tic­i­pat­ing com­pa­nies that oper­ate DOD net­works.

“Already, the pilot has shown us hun­dreds of sig­na­tures we wouldn’t pre­vi­ous­ly have seen” and stopped hun­dreds of attempt­ed intru­sions, Lynn report­ed. He not­ed that load­ing these sig­na­tures onto exist­ing sys­tems dra­mat­i­cal­ly increas­es cyber­se­cu­ri­ty.

“So in the com­ing months, we are look­ing at the pos­si­bil­i­ty of deep­en­ing the defense indus­try involve­ment in this pilot [and] bring­ing more and more com­pa­nies” into the pro­gram, he said.

Lynn called intel­li­gence the “spe­cial sauce” that enables par­tic­i­pat­ing com­pa­nies to improve their cyber defens­es. DOD shares threat intel­li­gence pro­vid­ed by U.S. Cyber Com­mand and the Nation­al Secu­ri­ty Agency, along with exper­tise so they can employ it for net­work defense.

The com­pa­nies, in turn, use the intel­li­gence and exper­tise to pro­tect net­works they oper­ate for DOD.

“We rely on pri­vate-sec­tor net­works and ser­vices to oper­ate near­ly every facet of the depart­ment,” Lynn told today’s gath­er­ing. “And the fact is that the pri­vate firms we depend on are sus­cep­ti­ble to the same cyber threats we seek to pro­tect dot-mil net­works from.”

Over the past decade, “we have lost ter­abytes of data” through intru­sions and attacks on defense com­pa­nies’ cor­po­rate net­works, Lynn said. Some of the stolen data was rel­a­tive­ly mun­dane, involv­ing spec­i­fi­ca­tions for small parts of tanks, air­planes and sub­marines.

“But a great deal of it con­cerns our most sen­si­tive sys­tems,” Lynn said, includ­ing air­craft avion­ics, sur­veil­lance tech­nolo­gies, satel­lite com­mu­ni­ca­tions sys­tems and net­work secu­ri­ty pro­to­cols.

“We real­ize that we must help our part­ners pro­tect their net­works,” he said.

Mean­while, DOD is look­ing toward oth­er gov­ern­ment agen­cies to see if this same con­cept can be applied to pro­tect oth­er sec­tors, includ­ing pow­er, trans­porta­tion and ener­gy sec­tors. DIB Cyber Pilot “is intend­ed to demon­strate that we can uti­lize this pub­lic-pri­vate part­ner­ship to pro­tect crit­i­cal infra­struc­ture net­works, start­ing with the defense sec­tor,” Lynn said.

Lynn called on DISA and DOD’s indus­try part­ners to help make the new con­cept work.

“This is not a type of prob­lem like air defense where the mil­i­tary can take the mis­sion large­ly on its own. Nor is it an area in which the pri­vate sec­tor can do every­thing they need to do on their own,” he said. “It has to be a part­ner­ship between the types of capa­bil­i­ties and intel­li­gence the gov­ern­ment can bring, and the types of capa­bil­i­ties and tech­nol­o­gy the pri­vate sec­tor can bring. And those two need to be com­bined to pro­tect our vital infra­struc­ture.”

This coop­er­a­tion is crit­i­cal to the suc­cess of the new DOD strat­e­gy for oper­at­ing in cyber­space, which rec­og­nizes the impor­tance of cyber defens­es to pre­vent ene­mies from exploit­ing, dis­rupt­ing or destroy­ing crit­i­cal net­works.

“In the face of this threat, we have a win­dow of oppor­tu­ni­ty to devel­op much more sub­stan­tial defens­es, not only on our mil­i­tary and gov­ern­ment net­works, but also the net­works that sup­port our crit­i­cal infra­struc­ture,” Lynn said.

“We must have the capa­bil­i­ty to defend against the full range of cyber threats,” he said. “That is indeed the goal of the department’s cyber strat­e­gy, and it is why we are pur­su­ing the strat­e­gy with such urgency.”

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

More news and arti­cles can be found on Face­book and Twit­ter.

Fol­low on Face­book and/or on Twit­ter