|
The DoD Cyber Crime Center (DC3) DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) hosted more than 200 DoD and DIB cybersecurity professionals at its 2021 Spring Technical Exchange (TECHEX) held virtually March 31 - April 2.
Now in its 13th year, TECHEX featured 18 presentations grouped into four categories — Tools, Best Practices, Threats and Partner Fundamentals all under the umbrella of the theme “Cyber Horizons: The future is ours to shape.”
Krystal Covey, director, DCISE; emphasized the importance of this year’s theme during her opening remarks at TECHEX.
“2020 has been a challenging year,” said Covey. “From an early supply chain hack to a global pandemic; our way of life was upended, but we adjusted and overcame, and TECHEX is about looking forward to the cyber horizon. We want to look ahead together in this public-private partnership to figure out how we might shape the future. There are many things lingering on that cyber horizon, but we ask which are of most value to the DIB?”
The presentations provided attendees with best practices, lessons learned and in-depth knowledge surrounding the most current cyber threat information. Topics spanned an overview of the SolarWinds backdoor sophisticated supply chain attack, vulnerability management best practices, and DIB cybersecurity resilience and compliance.
“The semiannual TECHEX provides a forum to bring hundreds of DIB and U.S. Government personnel together to discuss industry trends, hear updates on the cyber threat landscape, share tool demos, and network with one another,” said Covey. “The event promotes collaboration to enhance the protection of DoD information residing and transiting across contractor unclassified systems and networks.”
DCISE is uniquely postured in DoD to bring together subject matter experts from government and across industry. Industry entities attend TECHEX to not only hear from the U.S. Government, but also engage with their industry peers.
DCISE brings a significant measure of technical expertise to the event, but the flow of information is multidirectional. The conversations that happen between DIB partners are just as illuminating as those between the DoD and industry.
Established in 2008, DCISE is designated as the single DoD focal point for receiving all cyber incident reports affecting DIB unclassified information systems and networks to safeguard DoD information. As the operational element of DoDs DIB Cybersecurity (CS) program, DCISE shares relevant information with more than 800 Cleared Defense Contractors (CDC) participating in the program.
The public-private cybersecurity partnership provides a collaborative environment for sharing unclassified and classified cyber threat information, CDC cyber resilience analysis, and Cybersecurity-as-a-Service offerings. DCISE performs cyber analysis, offering mitigation and remediation strategies, providing best practices, and conducting analyst-to-analyst exchanges with DIB participants ranging in size from small to enterprise-sized companies. Regardless of the company size, one thing is constant with cybersecurity threats: they are always evolving.
The program is built on cyber incident reporting and analysis to increase U.S. Government (USG) and industry understanding of cyber threats and potential cyber risks from nation-state threats. The analysis allows DIB partners to make risk-informed, rather than purely compliance-driven, cybersecurity decisions.
DCISE receives cyber incident reports through two mechanisms, voluntary and mandatory submissions. Voluntary reporting is responsive to the DIB CS Framework Agreement and maintains confidentiality of shared information. Mandatory reporting is responsive to Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, DFARS Clause 252.239-7010, Cloud Computing Services, and 32 CFR Part 236, DIB Cyber Security Activities.
While the cybersecurity threats constantly change and evolve, so does DCISE. Its products and services were developed, and continue to expand toward the goal of providing timely and actionable cyber threat information to its DIB and USG Partners.
“Some things remain consistent,” said Covey. “The perpetual game of chess with our adversaries continues. They continue looking for ways to penetrate networks to steal intellectual property, gain a persistent foothold, obtain military advantages or counter-measures, collect ransom…the list goes on.”
Just barely into 2021, DCISE continues to expand its reach and capabilities. DCISE recently hosted its inaugural Virtual Industry-Based Partner Exchange (VIPEX), which provided DIB Partners in the aerospace industry with tailored cyber threat information as well as a collaborative space to interact about topics of interest and participate in briefings/discussions specific to that topic.
In February, DCISE established a membership with the North Atlantic Treaty Organization’s (NATO) Multinational Malware Information Sharing Platform, which allowed DCISE to access cyber threat information from 79 NATO organizations. This information will be cultivated and shared with U.S. DIB companies; further supporting network defense and mitigation efforts for U.S. companies developing and building DoD technology.
“Since its inception, DCISE has shown an enduring commitment to building a trusted and value-added partnership with the DIB,” said DC3 Executive Director Jeffrey Specht. “Doing so requires constant evolution in DCISE capabilities and service offerings, with those evolutions largely informed by the discussions held at TECHEX and other year-round collaborative forums with our DIB partners. The underpinning of DCISE’s mission is a clear resolve that the only way we can effectively face the challenges on the Cyber Horizon, is to collectively face those challenges.”
For more information about DCISE, visit https://www.dc3.mil/DIB-Cybersecurity/DIB-Cybersecurity-DCISE/
Follow DCISE on Twitter at https://twitter.com/DC3DCISE
|
