In 2008, the Department of Defense Cyber Crime Center (DC3) invited 16 companies to discuss information sharing and collaboration. Today, DC3 partners with 400 companies to share information.
Maintaining relationships with partner companies was an important subject at the Federal Forum 2016’s panel on Information Sharing and Next-Gen Defense. Steve Shirley, executive director of DC3, said that building trust with the 16 initial companies was a constant exercise as the agency continues to establish more ties.
“Trust is like morale. It’s easy to say, tough to build,” Shirley said. “You’ve got to work on it every day.”
Although some of the DC3 partner companies needed assurance that the information sharing was to both parties’ gain, Shirley said the level of engagement among agency partners is rising. He said that, in addition to conducting tool surveys among its partners, DC3 also hosts discussions to collaborate and share ideas.
“Discussion opens doors,” Shirley said. “It’s not necessarily government guys at the table talking about these things. It’s industry guys.”
Greg Touhill, deputy assistant secretary of cybersecurity and communications for the Department of Homeland Security, said that his agency has extended similar collaboration to private companies with its Enhanced Cybersecurity Services program. Through this program, ECS shares sensitive cyber threat information with accredited private companies.
Touhill mentioned that ECS has been purchasing tool sets for these partner companies, as well as working with academia to develop mechanisms that will recognize warning signs in cybersecurity.
“We’re buying tool sets that address a wide variety of mission needs,” Touhill said. “We’re trying to help foster and shape that marketplace.”