A U.S. Department of Defense program for sharing cyber threat information with the defense industry has seen robust growth since its formation nine years ago, according to a DoD official.
The Defense Industrial Base (DIB) Cyber Security (CS) program, which started in 2007, now has 176 industry partners, some of which have brought in subsidiaries that add up to an additional 220 companies, said Vicki Michetti, the program’s director, who spoke Sept. 7 at the Common Defense (ComDef) 2016 conference in Washington, D.C.
The program’s growth comes amid a surge in cyber incidents against government and industry. Companies throughout the supply chain, not just prime contractors, are considered vulnerable to intrusions or disruptions of their computer networks.
Through the voluntary DIB CS program, DoD helps companies assess threats and develop mitigation strategies. The department also circulates that information, “without attribution,” among the other industry partners, Michetti said.
“It’s very healthy for companies to be able share information and cybersecurity best practices with themselves and the department,” she said. “The discussion that has taken place in the community … has been very productive.”
The program, which falls under DoD’s chief information officer, not only helps the private sector but has also improved the department’s understanding of threats, Michetti told the conference audience. For instance, it has identified threat actors that DoD did not previously know about.