Sharing Intelligence Helps Contractors Strengthen Cyber Defenses
Sharing Intelligence Helps
Contractors Strengthen Cyber Defenses
By Donna Miles,
American Forces Press Service.
Baltimore, Maryland -- (AFPS)
-- August 16, 2011 – A new pilot program in which the Defense Department shares
classified threat intelligence with defense contractors or their commercial
Internet service providers is showing promise in increasing their cyber defenses
and preventing enemy intrusions into sensitive government networks, Deputy
Defense Secretary William J. Lynn III said today.
Deputy Defense Secretary William J.
Lynn III addresses about 2,700 participants at the Defense Information Systems
Agency's Customer and Industry Forum at the Baltimore Convention Center,
Baltimore, Aug. 16, 2011. Lynn's discussed the threats of cyber warfare in the
digital age. DOD photo by R.D. Ward.
Lynn shared initial findings of the Defense Industrial Base
Cyber Pilot with attendees here at the Defense Information Systems Agency’s
Customer and Industry Forum.
About midway through the 90-day pilot, launched in partnership with the Homeland
Security Department, Lynn said the pilot is bearing fruit among about 20
participating companies that operate DOD networks.
“Already, the pilot has shown us hundreds of signatures we wouldn’t previously
have seen” and stopped hundreds of attempted intrusions, Lynn reported. He noted
that loading these signatures onto existing systems dramatically increases
“So in the coming months, we are looking at the possibility of deepening the
defense industry involvement in this pilot [and] bringing more and more
companies” into the program, he said.
Lynn called intelligence the “special sauce” that enables participating
companies to improve their cyber defenses. DOD shares threat intelligence
provided by U.S. Cyber Command and the National Security Agency, along with
expertise so they can employ it for network defense.
The companies, in turn, use the intelligence and expertise to protect networks
they operate for DOD.
“We rely on private-sector networks and services to operate nearly every facet
of the department,” Lynn told today’s gathering. “And the fact is that the
private firms we depend on are susceptible to the same cyber threats we seek to
protect dot-mil networks from.”
Over the past decade, “we have lost terabytes of data” through intrusions and
attacks on defense companies’ corporate networks, Lynn said. Some of the stolen
data was relatively mundane, involving specifications for small parts of tanks,
airplanes and submarines.
“But a great deal of it concerns our most sensitive systems,” Lynn said,
including aircraft avionics, surveillance technologies, satellite communications
systems and network security protocols.
“We realize that we must help our partners protect their networks,” he said.
Meanwhile, DOD is looking toward other government agencies to see if this same
concept can be applied to protect other sectors, including power, transportation
and energy sectors. DIB Cyber Pilot “is intended to demonstrate that we can
utilize this public-private partnership to protect critical infrastructure
networks, starting with the defense sector,” Lynn said.
Lynn called on DISA and DOD’s industry partners to help make the new concept
“This is not a type of problem like air defense where the military can take the
mission largely on its own. Nor is it an area in which the private sector can do
everything they need to do on their own,” he said. “It has to be a partnership
between the types of capabilities and intelligence the government can bring, and
the types of capabilities and technology the private sector can bring. And those
two need to be combined to protect our vital infrastructure.”
This cooperation is critical to the success of the new DOD strategy for
operating in cyberspace, which recognizes the importance of cyber defenses to
prevent enemies from exploiting, disrupting or destroying critical networks.
“In the face of this threat, we have a window of opportunity to develop much
more substantial defenses, not only on our military and government networks, but
also the networks that support our critical infrastructure,” Lynn said.
“We must have the capability to defend against the full range of cyber threats,”
he said. “That is indeed the goal of the department’s cyber strategy, and it is
why we are pursuing the strategy with such urgency.”
William J. Lynn III
See also :
The Pentagon's Cyberstrategy One Year Later : defending Against Next Cyberattack
by William J.
Lynn III, U.S. Deputy Secretary of Defense, in Foreign Affairs,
September 28. 2011. More destructive cyberweapons are being created every day,
and an increasingly sophisticated technology black market virtually guarantees
that they will eventually land in the hands of the United States' enemies.
Robust defenses are no longer a luxury, they are a necessity.
Defending a New Domain : The Pentagon's Cyberstrategy, by
Lynn III, U.S. Deputy Secretary of Defense, and Nicholas Thompson, in
Foreign Affairs, September 28. 2011. Deputy Secretary of Defense William
Lynn discusses the various new strategies used by the Pentagon to identify
information technology threats, combat cyber warfare, and protect U.S.