A new pilot program in which the Defense Department shares classified threat intelligence with defense contractors or their commercial Internet service providers is showing promise in increasing their cyber defenses and preventing enemy intrusions into sensitive government networks, Deputy Defense Secretary William J. Lynn III said today.
Lynn shared initial findings of the Defense Industrial Base Cyber Pilot with attendees here at the Defense Information Systems Agency’s Customer and Industry Forum.
About midway through the 90-day pilot, launched in partnership with the Homeland Security Department, Lynn said the pilot is bearing fruit among about 20 participating companies that operate DOD networks.
“Already, the pilot has shown us hundreds of signatures we wouldn’t previously have seen” and stopped hundreds of attempted intrusions, Lynn reported. He noted that loading these signatures onto existing systems dramatically increases cybersecurity.
“So in the coming months, we are looking at the possibility of deepening the defense industry involvement in this pilot [and] bringing more and more companies” into the program, he said.
Lynn called intelligence the “special sauce” that enables participating companies to improve their cyber defenses. DOD shares threat intelligence provided by U.S. Cyber Command and the National Security Agency, along with expertise so they can employ it for network defense.
The companies, in turn, use the intelligence and expertise to protect networks they operate for DOD.
“We rely on private-sector networks and services to operate nearly every facet of the department,” Lynn told today’s gathering. “And the fact is that the private firms we depend on are susceptible to the same cyber threats we seek to protect dot-mil networks from.”
Over the past decade, “we have lost terabytes of data” through intrusions and attacks on defense companies’ corporate networks, Lynn said. Some of the stolen data was relatively mundane, involving specifications for small parts of tanks, airplanes and submarines.
“But a great deal of it concerns our most sensitive systems,” Lynn said, including aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.
“We realize that we must help our partners protect their networks,” he said.
Meanwhile, DOD is looking toward other government agencies to see if this same concept can be applied to protect other sectors, including power, transportation and energy sectors. DIB Cyber Pilot “is intended to demonstrate that we can utilize this public-private partnership to protect critical infrastructure networks, starting with the defense sector,” Lynn said.
Lynn called on DISA and DOD’s industry partners to help make the new concept work.
“This is not a type of problem like air defense where the military can take the mission largely on its own. Nor is it an area in which the private sector can do everything they need to do on their own,” he said. “It has to be a partnership between the types of capabilities and intelligence the government can bring, and the types of capabilities and technology the private sector can bring. And those two need to be combined to protect our vital infrastructure.”
This cooperation is critical to the success of the new DOD strategy for operating in cyberspace, which recognizes the importance of cyber defenses to prevent enemies from exploiting, disrupting or destroying critical networks.
“In the face of this threat, we have a window of opportunity to develop much more substantial defenses, not only on our military and government networks, but also the networks that support our critical infrastructure,” Lynn said.
“We must have the capability to defend against the full range of cyber threats,” he said. “That is indeed the goal of the department’s cyber strategy, and it is why we are pursuing the strategy with such urgency.”