The DIB Cyber Pilot, which includes cooperation with the Department of Homeland Security, will also provide assistance to defense contractors on how to defend their networks, according to Deputy Secretary of Defense William Lynn.
Lynn told the Annual International Workshop on Global Security in Paris that the program would not involve monitoring, intercepting, or storing of private sector communication on the part of the US government. “Rather, threat intelligence provided by the government is helping the companies themselves, or the internet service providers working on their behalf, to identify and stop malicious activity within their networks”, he stressed.
“Although this pilot breaks new ground on several fronts, we have a long way to go, and a lot of work to do, before our critical infrastructure will be fully secure. But by establishing a lawful and effective framework for the government to help operators of one critical infrastructure sector defend their networks, we hope the DIB Cyber Pilot can be the beginning of something bigger”, Lynn added.
Last month, Lockheed Martin said that it had detected a “significant and tenacious attack on its information systems network.” RSA then admitted that the attackers had targeted its SecureID tokens, which defense contractors and other firms use to provide secure remote access to employees. The SecureID database had been compromised by a similar attack in March.
RSA offered to replace the SecureID tokens for certain customers, including Lockheed Martin. RSA said it would replace SecureID tokens for customers “with concentrated user bases typically focused on protecting intellectual property and corporate networks” and would implement “risk-based authentication strategies” for customers with a large, dispersed user base, such as financial institutions.