DC3 DCISE TECHEX SEPT 2021

LINTHICUM HEIGHTS, Md. – The Department of Defense (DoD) Cyber Crime Center’s (DC3) DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) hosted more than 200 DoD and DIB cybersecurity professionals during its virtual 2021 Fall Technical Exchange (TechEx) Sept.15–17.

The event, with the theme “Choose your Own Path – Journey to ParaDCISE,” featured a multitude of interactive sessions presented by DC3 Analysts, DIB Partners, and DoD cybersecurity professionals. Topics ranged from Cybersecurity Maturity Model Certification (CMMC) Compliance, the Malware Information Sharing Platform (MISP) and cyber threat information sharing, to in-depth technical briefings on Aviation sector targeting, malware analysis, and recent ransomware events.   

“The theme was inspired by the notion that there are so many different cybersecurity paths one could walk to achieve that ever-elusive secure cyber environment,” said Krystal Covey, Director, DCISE. “DCISE offers a variety of threat products and services that allow our Partners to explore, based on their priorities, and determine what best suits their needs.”

Since its establishment in 2008, DCISE capabilities and service offerings have evolved to counter the constantly shifting and evolving cybersecurity landscape. One of those evolutions includes a Cybersecurity-as-a-Service (CaaS) pilot called Krystal Ball. This no-cost offering allows DC3 analysts to gain a hacker’s perspective of a DIB company’s security vulnerabilities. The platform maps public-facing infrastructure, overlays it with threat intelligence sources, and provides a holistic view of the external threat landscape including indicators of compromise and risk.

Another offering is the DCISE Cyber Resilience Analysis (CRA), which provides DIB companies with a report on the overall health of their cybersecurity posture as it pertains to specific critical services provided to DoD. The CRA was introduced at the Spring 2019 TechEx and has already proven to be an essential tool for safeguarding the DIB and has since also been mapped to current draft CMMC requirements.

The CRA identifies cybersecurity strengths and weaknesses, enabling a company to focus its resources where they are most needed. As a result, partners who have participated in more than one CRA have shown a 90% improvement in their cyber resilience, demonstrating a marked improvement in their ability to protect DoD information. Partners report that the CRA helped improve their cyber resilience by clarifying National Institute of Standards and Technology (NIST) security controls, identifying underdeveloped processes, and adding rigor to backup and recovery plans.

DIB Partners can also take advantage of a powerful and easy-to-use CaaS platform DCISE³ (pronounced “DCISE Cubed”), which deploys instantly and delivers enterprise-grade automated threat detection and protection. DIB companies using the DCISE³ platform receive real-time network traffic monitoring, threat detection, alerts, and no-cost anonymous data sharing. Since August 2019, over 1.2 billion potential threats have been identified through DCISE³.

“Cyber threat actor capabilities continue to evolve and become more sophisticated by the day, creating a necessity for DC3 and our cybersecurity partners to enhance our own capabilities,” said DC3 Executive Director Jeffrey Specht. “TechEx is a unique platform that affords subject matter experts from government and across industry to engage with peers, to learn and share ideas. While the technical exchanges are just a small portion of the many DCISE service offerings, the multidirectional flow of information the events generate is key to every other aspect of cybersecurity and the way ahead.”

The Department of Defense (DoD) established the DIB Cybersecurity (CS) program to enhance and supplement DIB participants’ abilities to safeguard DoD information.  Under the DoD Chief Information Officer (CIO), DCISE is designated as the operational element to share timely, relevant, and actionable cyber threat information with 886-Cleared Defense Contractors (CDCs) participating in the DIB CS program.

The public-private cybersecurity partnership provides a collaborative environment for sharing unclassified and classified cyber threat information, CDC cyber resilience analysis, and Cybersecurity-as-a-Service offerings. DCISE performs cyber analysis, offering mitigation and remediation strategies, providing best practices, curating relevant training, and conducting analyst-to-analyst exchanges with DIB participants ranging in size from small- to enterprise-sized companies.

DCISE provides critical support to DoD's efforts to mitigate a threat that has grown through the years—ransomware. “A ransomware attack on any of the DIB companies could have a significantly negative impact on our national security,” said Covey. “Ransomware attacks are a big deal. Fortunately, DCISE has the talent and resources to help the DIB defend itself against ransomware Threat Actors. We are working closely with other DC3 elements, including the Vulnerability Disclosure Program, as well as whole of government mission partners to better safeguard the DIB from ransomware and any other threats.” Most recently, DCISE contributed to an Alert published by the Cybersecurity Infrastructure & Security Agency (CISA) on the increased use of Conti Ransomware.

The DIB CS program is built on cyber incident reporting and analysis to increase US Government (USG) and industry understanding of cyber threats and potential cyber risks from nation-state actors. The analysis allows DIB partners to make risk-informed, rather than purely compliance-driven, cybersecurity decisions.

For more information about DCISE, visit https://www.dc3.mil/DIB-Cybersecurity/DIB-Cybersecurity-DCISE/.

Follow DCISE on Twitter at https://twitter.com/DC3DCISE