The project is an expansion of the DoD’s Defense Industrial Base (DIB) Cyber Pilot project launched last year to share threat information and cybersecurity strategies with the US defense industry.
In the new pilot, called the Joint Cybersecurity Services Pilot (JCSP), DHS will be responsible for working with commercial internet service providers (CSPs).
“The JCSP extends the existing operations of the Defense Industrial Base (DIB) Exploratory Cybersecurity Initiative (DIB Opt-In Pilot) and shifts the operational relationship with the CSPs in the pilot to DHS. The JCSP is part of overall efforts by DHS and DoD to enable the provision of cybersecurity capabilities enhanced by U.S. government information to protect critical infrastructure information systems and networks”, DHS said in a privacy impact assessment of the JCSP.
The DIB Cyber Pilot was first launched in June last year by then Deputy Secretary of Defense William Lynn and only involved 20 defense companies for a 90-day trial period. In August, the DIB pilot was expanded beyond the initial 20 defense companies and the 90-day trial period. The setting up of the JCSP provides more involvement by DHS in dealing with the CSPs.
According to the privacy impact assessment, the JCSP will use the same two cyber threat countermeasures used in DoD’s DIB pilot: 1) Domain Name System (DNS) sinkholing, which involves blocking DNS traffic to malicious domains, and 2) email filtering that includes quarantining infected messages.