Sometimes a key piece of information slips by in a press release without anyone realizing its significance. A release issued at the recent RSA security conference ended up disclosing a major data security program that is vital to national security. The release was to announce Robert Lentz, a Deputy Assistant Secretary of Defense for Information […]
Sometimes a key piece of information slips by in a press release without anyone realizing its significance. A release issued at the recent RSA security conference ended up disclosing a major data security program that is vital to national security.
The release was to announce Robert Lentz, a Deputy Assistant Secretary of Defense for Information and Identity Assurance (I&IA) at the Department of Defense (DoD), had been presented with an award for “excellence in the field of security practices.” Buried at the bottom was this tidbit:
“Lentz is … recognized for implementing a revolutionary risk-management based information system certification and accreditation program known as the Defense Information Assurance Certification & Accreditation Program. He launched the Defense Industrial Base (DIB) Cyber Security effort with top DIB CEO’s to develop information-sharing mechanisms, began the DoD’s first Defense Venture Capital Initiative and developed the DoD International Information Assurance Program, which forges partnerships with allies, NATO and other collective security organizations to enhance cyber situational awareness and protect U.S. information on foreign information systems.”
So how many of you have heard of the Defense Industrial Base? That’s because you weren’t supposed to.
The Defense Industrial Base (DIB) Cyber Security effort dates back at least as far as August 15, 2008, when a report entitled “U.S. Army’s Concerns with Protection of Controlled Unclassified Information” described the problem.
“Digitalization of information has introduced greater risk of compromise of DIB-held Department of Defense (DoD) controlled unclassified information that is used in the development of Warfighting systems during the acquisition lifecycle. Simply stated, hostile actors can exfiltrate large volumes of unclassified program information in a single attack that can potentially net enough information to enable adversaries to narrow a capability gap.”
The report said that data had already been lost, something the DoD and Lockheed Martin both denied last week. “Exfiltrations of unclassified data from DIB unclassified systems have occurred and continue to occur, potentially undermining or even neutralizing the technological advantage and combat effectiveness of the future force.”
The report recommended spending a little over $7 million on the program during the period from 2010 to 2015 to “oversee program protection and risk management planning with the U.S. Army.”
The program has been needed for some time. “I’ve been beating this drum for ten years,” Michael Marculec, COO of Internet monitoring company Lumeta, told InternetNews.com.
Late last year, in an op-ed in The New York Times he called for the appointment of a Chief Security Officer who would supplement President Obama’s CTO by focusing on cyber security.
Instead, the president ordered a national cybersecurity review, which is overdue but will call for significant change, Melissa Hathaway, in charge of the review, revealed at RSA.
The DIB need not be overly complex. The Internet industry already has a mechanism for distributing vulnerability data in the form of the U.S. Computer Emergency Readiness Team (US CERT).
Other security risks are monitored through programs created by the National Infrastructure Protection Plan (NIPP).
But US CERT focuses on attacks that reach a large amount of the population and the defense program is targeted by the most sophisticated, focused attacks.
“The DoD is the leading edge. They get the attacks first,” said Marculec.
“It then tends to move to financial institutions and then into regular companies. The tail end of this is industrial control systems. They’re still dealing with Code Red. They may still be running Windows Server 2000.”
The good news is that the government has started talking to businesses.
“The framework is now in place,” said Marculec. “Maybe they are not completely set up to do so, but agencies have indicated a basic willingness to start to share information.”
The DIB Cyber Security effort represents a change from the past. “Current program protection efforts largely focus on mitigating risks of compromise to Warfighting technologies as a result of traditional espionage or industrial theft,” noted the report written only nine months ago.
Article courtesy of InternetNews.com.
Ethics and Artificial Intelligence: Driving Greater Equality
FEATURE | By James Maguire,
December 16, 2020
AI vs. Machine Learning vs. Deep Learning
FEATURE | By Cynthia Harvey,
December 11, 2020
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2021
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
