DoD Mulls Defending Key Private IT Systems
Eric Chabrow writes on GovInfoSecurity.com:
The Pentagon has raised the possibility of the Defense Department becoming engaged in safeguarding nationally critical IT systems run by business.More here.
In a speech at the Strategic Command Cyber Symposium in Omaha, Neb., on Wednesday, Defense Deputy Secretary William Lynn III also outlined a major shift in DoD's approach to cybersecurity that includes drastically reducing the time to deploy IT security systems and the increased use of sophisticated technology tools to support the smaller-than-needed Defense cybersecurity workforce of the future.
Lynn said the Defense Department is mulling using the Einstein 2 intrusion detection and Einstein 3 intrusion prevention systems developed by the Department of Homeland Security to help secure critical systems such as finance and utility operated by the private sector.
"For the dot-com world, could we create a secure architecture that lets private parties opt in to the protections afforded by active defenses?" Lynn asked. "In this way protection would be voluntary. Operators of critical infrastructure could opt in to a government-sponsored security regime. Individual users who do not want to enroll could stay in the wild wild west of the unprotected Internet."