DoD Implements Broad Cybersecurity Information–Sharing Program


On May 11, 2012, the Department of Defense (DoD) published an interim final rule expanding its pilot program institutionalizing the sharing of cyber threat information between DoD and its contractors. Comments on the rule are due on July 10, 2012. The following description of the rule outlines the basics of the program, the benefits of participation, the eligibility requirements, and the program mechanics.

What is the Basic Purpose of the Program?

DoD’s program establishes a bilateral cybersecurity information sharing activity among Defense Industrial Base (DIB) government and industry stakeholders. As part of the program, DoD will provide cyber threat information and information security best practices to participating companies in order to improve their abilities to safeguard information. For their part, participating companies are to report cyber intrusion incidents to the Defense Cyber Crime Center's DoD-DIB Collaborative Information Sharing Environment (DCIS). DCISE will analyze these reports to accumulate information regarding cyber threats and vulnerabilities, and develop effective response measures which DCISE will share with participating companies. In addition to this initial reporting and analysis, DoD and the reporting company may pursue, on a voluntary basis, more detailed, digital forensics analysis or damage assessments of individual incidents.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.