While the cyber threat remains one of the most serious challenges we face as a nation, we have made some tremendous progress recently working together with industry on meaningful ways to secure our nation’s critical infrastructure.
Earlier this month, we gave the green light to two long-awaited Defense Industrial Base (DIB) efforts efforts designed to help companies protect critical information related to Department of Defense programs and missions. The DIB Cybersecurity/Information Assurance (CS/IA) program allows eligible DIB companies and the Government to share cybersecurity information. The Government shares cybersecurity threat and mitigation information with DIB companies to incorporate into their security practices, and, in turn, DIB companies report known intrusion events that may compromise DOD information to the Government and participates in damage assessments as needed. In addition, DIB enhanced Cybersecurity Services -- a joint DOD-DHS activity and based on lessons learned from the 2011 DIB Pilot -- is available as an optional part of the DIB CS/IA program in which the Government will furnish classified information that enables DIB companies or participating commercial service providers to counter additional types of known malicious activity for participating DIB companies.
This week, I will be sitting down with senior industry executives to discuss the National Strategy for Trusted Identities in Cyberspace and the value in becoming “relying parties” that would accept these credentials, giving up passwords for stronger and easier to use technologies. Next Thursday, Deputy Secretary of Energy Dan Poneman and senior officials from DHS and industry will join me to conclude the Electric Sector Cybersecurity Capability Maturity Model initiative. This initiative has shown promising results as a common tool to evaluate and strengthen cybersecurity capabilities and enable utilities to prioritize actions and cybersecurity investments. I look forward to discussing this exciting initiative this week.
Later this month, I have the opportunity to host government and industry executives to announce efforts to address one of the biggest risks to Internet security: botnets. We will showcase industry’s collaborative work to develop solutions to counter botnet threats.