DoD CIO

DoD-Defense Industrial Base Cybersecurity (DIB CS) Information Sharing Program
A Public-Private Cybersecurity Partnership

Ms. Vicki Michetti
Director, DoD-DIB CS Program
October 2015

DIB CS Program Value-Added

A public-private cybersecurity partnership that:
- Provides a collaborative environment for sharing unclassified and classified cyber threat information
- Offers analyst-to-analyst exchanges, mitigation and remediation strategies
- Provides companies analytic support and forensic malware analysis
- Increases U.S. Government and industry understanding of cyber threat
- Enables companies to better protect unclassified defense information on company networks or information systems
- Protects confidentiality of shared information

Mission: Enhance and supplement Defense Industrial Base (DIB) participants' capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems

DIB CS Program Eligibility

A contractor must be a Cleared Defense Contractor (CDC) and shall:
(1) Have an existing active Facility Clearance (FCL) granted under NISPOM (DoD 5220.22-M);
(2) Execute the standardized Framework Agreement (FA) with the Government;
(3) To receive classified cyber threat information electronically:
  (i) Have or acquire a Communication Security (COMSEC) account in accordance with the NISPOM Chapter 9, Section 4 (DoD 5220.22-M), which provides procedures and requirements for COMSEC activities; and
  (ii) Have or acquire approved safeguarding for at least Secret information, and continue to qualify under the NISPOM for retention of its FCL and approved safeguarding; and
  (iii) Obtain access to DoD's secure voice and data transmission systems supporting the voluntary DoD-DIB CS information sharing program.

DIB CS Program Participation

DIB CS Participants are CDCs:
- Large, mid, and small-sized defense contractors
- Sole source providers, market competitors, joint-development partners, supply chain vendors
- Manufacturers of weapon systems, platforms, and critical parts
- Federally Funded Research and Development Centers (FFRDCs)
- Commercial Solution and Service Providers
- University Affiliated Research Centers

DIB CS Program Construct

- Framework Agreement
- Damage Assessment
- Information Sharing
- Reporting and Response

DIB CS Program Framework Agreement

- Bilateral agreement between DoD and DIB Partner
- Initiates unique threat information sharing environment to safeguard cyber threat information and protect company equities
- Precludes unfair advantage
- Builds trusted partnership between senior DoD and Corporate senior officials
- Amendments
  - Wholly-owned Subsidiaries
  - International Business Units
  - 3rd Party Service Provider

DIB CS Program Information Sharing

The DoD Cyber Crime Center (DC3) implements the DIB CS Program and provides:
- Unclassified actionable cyber threat information
- Classified contextual information
- Mitigation and remediation strategies
- Analyst-to-Analyst discussions and other collaboration activities

DIB CS Program DoD Cyber Crime Center (DC3)

A National Cyber Center supporting law enforcement, counterintelligence, info assurance & protecting critical infrastructure

- National Cyber Investigative Joint Task Force (NCIJTF)
- DoD Cyber Crime Center (DC3)
- U.S. Cyber Command (USCYBERCOM)
- Dept of Homeland Security (DHS) Nat'l Cybersecurity & Communications Integration Center (NCCIC)
- NSA/Central Security Service (CSS) Threat Operations Center (NTOC)
- Intelligence Community Incident Response Center (IC-IRC)
- Cyber Threat Intelligence Integration Center (CTIIC)

NCCIC regularly partners with FBI and USSS teams in the same capacity as those from the cyber centers

DIB CS Program DC3 Operations

- Defense Computer Forensics Laboratory (DCFL)
- Defense Cyber Crime Center Analytical Group (DC3-AG)
- Defense Cyber Investigations Training Academy (DCITA)
- Defense Cyber Crime Institute (DCCI)
- Defense Industrial Base Collaborative Information Sharing Environment (DCISE)

DIB CS Program DoD-DIB Program Reporting and Response

- DC3 serves as the single DoD focal point for receiving all cyber incident reporting affecting unclassified networks of DoD contractors
- DIB companies report cyber incidents within 72 hours of discovery to DC3 at dibnet.dod.mil
  - DIB CS participants receive a non-attribution version of reported information in near-real-time
  - DIB participants receive analytical support and mitigation and remediation strategies
- DC3 conducts forensic analysis of malicious software (malware)
- DC3 develops incident trends, best practices and other information useful to DIB CS participants

DIB CS Program Cyber Incident Reporting by DoD Contractors

What is a cyber incident?
- Defined as actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein

Who should report and why?
- DoD contractors report cyber incidents in accordance with the DFARS Clause 252.204-7012
- DoD contractors report in accordance with other reporting requirements identified in a contract or other agreement
- DoD Cloud Service Providers report cyber incidents specified in the clause 252.239-7010, Cloud Computing Services
- DoD-DIB CS Participants voluntarily report cyber incidents for situational awareness

DIB CS Program DIB Cybersecurity Web Portal

- Report a Cyber Incident: Access to this page requires a DoD-approved medium assurance certificate. For more information please visit the ECA website.
- Apply to DIB CS Program: Cleared defense contractors apply to join the DIB CS Program for voluntary cyber threat information sharing. Access requires a DoD-approved medium assurance certificate. For more information please visit the ECA website.
- Log in to DIB CS Information Sharing Portal: Current DIB CS Program participants log in to the DIBNet portal. Access requires a DoD-approved medium assurance certificate. For more information please visit the ECA website.

DIBNet.dod.mil

DIB CS Program Modifications to DIB CS Program

DoD published revised 32 CFR Part 236, DoD-Defense Industrial Base (DIB) Cybersecurity (CS) Activities Interim Final rule on Oct. 2, 2015
- Modifies eligibility criteria to permit greater participation in voluntary DoD-DIB Cybersecurity information sharing program:
  - All participating DIB Companies have access to unclassified cyber threat information (DIBNet-U)
  - DIB company may also elect to receive classified cyber threat information electronically (DIBNet-S)
- Encourages voluntary cyber incident and indicator reporting by DIB participants for cyber situational awareness that does not meet threshold of mandatory reporting requirements
- Aligns with mandatory cyber incident reporting requirements DFARS Case 2013-D018, Network Penetration Reporting and Contracting for Cloud Services
- Applies only to Other Types of Agreements (OTAs)

DIB CS/IA Program Enhanced Cyber Security Services (ECS)

- ECS is a DHS-managed voluntary program that helps U.S.-based public and private entities protect their systems from unauthorized access, exploitation, or data exfiltration
- Shares sensitive and classified government-vetted cyber threat information with qualified Commercial Service Providers (CSPs) and Operational Implementers (OIs)
  - CSPs use cyber threat information to protect their customers
  - OIs use cyber threat information to protect their own networks
- Two approved countermeasures
  - DNS Sinkholing
  - Email Filtering
- Four approved CSPs
  - AT&T: ecs-pmo@list.att.com
  - Centurylink: ecs@centurylink.com
  - Verizon: vz-ecs@one.verizon.com
  - Lockheed Martin: ecs.lm@lmco.com

DIB CS Program Summary

DIB CS program:
- Creates a trusted sharing environment between DoD and DIB participants
- Enables DIB CS participants to improve network security and better understand the cyber threat
- Is a proven public-private cybersecurity partnership
- Promotes cyber threat sharing between the U.S. Government and Industry

DIB CS Program Contact Information

DIB CS Program:
- E-mail: OSD.DIBCSIA@mail.mil
- Phone: (703) 604-3167
- Toll Free Number: 1-855-363-4227
- FAX: (571) 372-5434
- http://dibnet.dod.mil

32 CFR Part 236: http://www.gpo.gov/fdsys/pkg/fr-2015-10-02/html/2015-24296.htm