Noting the growth of security awareness and the need to have as much information as possible, companies from half of the nation’s 16 key industries, including chemical and water, have paid for special technology to join a Department of Homeland Security program that shares classified cyberthreat intelligence.
Participation in the Enhanced Cybersecurity Services initiative has more than doubled over the past few months.
Through the voluntary program – previously exclusive to defense contractors – cleared Internet service providers feed nonpublic government information about threats into the anti-malware systems of critical sector networks.
As of July, only three industries – energy, communications and defense – were using the service, according to a DHS inspector general audit.
Now, DHS said the financial, water, chemical, information technology and transportation sectors also are receiving the threat indicators. The service has been available since 2013.
“DHS continues to work closely with our public and private sector partners in expanding the Enhanced Cybersecurity Services program to all critical infrastructure sectors that operate the systems we all rely on,” DHS spokesman S.Y. Lee said. “Information sharing is a key part of the Department of Homeland Security’s important mission to create shared situational awareness of malicious cyber activity.”
Andy Ozment, assistant secretary for the DHS Office of Cybersecurity and Communications, who took office in April, has made the program a priority.
“Now that he’s had a few months to get settled, you’re seeing some fruits of labor from his team,” said Dan Waddell, director of U.S. government affairs for (ISC)2, a security industry association.
In May, DHS also deployed automation that “is making the data sharing process much more efficient, so as the word spreads, folks are more likely to join now versus when it was a manual process,” he said.
President Barack Obama in February 2013 issued an executive order to extend the intelligence-sharing program outside the defense sector and create separate, optional cyber security controls. The intelligence-sharing service works by blocking certain IP and email addresses, attachments and additional “signatures” of hacker campaigns National Security Agency staff and other cyber analysts discovered.
But the added protection comes with a price tag. Companies typically must cover the costs of new equipment and additional security professionals.
“This is not a trivial exercise and requires a significant investment in people, process and technology on the part of the” ISP or critical infrastructure company, Waddell said.