By Bob Gourley
My friends (and former employers) at Northrop Grumman just announced they have signed a memorandum of agreement with the Department of Homeland Security (DHS) designed to enhance cybersecurity protections of the nation’s critical infrastructure.
This is associated with the DHS’s Enhanced Cybersecurity Services (ECS) program.
The following is from the Northrop Grumman press release:
FALLS CHURCH, Va., May 13, 2013 /PRNewswire/ — Northrop Grumman Corporation (NYSE:NOC) has signed a memorandum of agreement with the Department of Homeland Security (DHS) that will enable the expansion of cybersecurity protections for the nation’s critical infrastructure. Northrop Grumman is now starting the security accreditation process which is required before approval to operate as a commercial services provider under the DHS Enhanced Cybersecurity Services (ECS) program.
ECS is an information-sharing program to assist critical infrastructure owners and operators in enhancing the cybersecurity protections of their information systems from unauthorized access, exploitation and data exfiltration. Under ECS, DHS will share classified and unclassified cyber threat “indicators” with designated Commercial Service Providers, and the Commercial Services Providers will utilize the threat indicators to provide approved cybersecurity services to authorized critical infrastructure entities.
“The Enhanced Cybersecurity Services program is a smart way to extend cyber protections to assets, networks and systems that are vital to the security of our country,” said Jim Myers , vice president and general manager, Cyber Solutions division, Northrop Grumman Information Systems. “As a leader in cybersecurity, we understand that securing our critical infrastructure against cyber intrusion is essential to our economic well-being and national security.”
Northrop Grumman is an industry leader in all aspects of computer network operations and cybersecurity, offering customers innovative solutions to help secure the nation’s cyber future. In July 2012, the company announced that it had joined forces with AREVA Inc. to provide cybersecurity protection support for the nuclear industry. The alliance is in response to the Nuclear Regulatory Commission’s call for commercial nuclear facilities to develop and implement cybersecurity plans.
Northrop Grumman is a leading global security company providing innovative systems, products and solutions in unmanned systems, cybersecurity, C4ISR, and logistics and modernization to government and commercial customers worldwide. Please visit www.northropgrumman.com for more information.
Here is more on the Enhanced Cybersecurity Services (ECS) program:
ECS is a voluntary information sharing program that assists critical infrastructure owners and operators as they improve the protection of their systems from unauthorized access, exploitation, or data exfiltration. DHS works with cybersecurity organizations from across the federal government to gain access to a broad range of sensitive and classified cyber threat information. DHS develops indicators based on this information and shares them with qualified Commercial Service Providers (CSPs), thus enabling them to better protect their customers who are critical infrastructure entities. ECS augments, but does not replace, an entities’ existing cybersecurity capabilities.
The ECS program does not involve government monitoring of private networks or communications. Under the ECS program, information relating to threats and malware activities detected by the CSPs is not directly shared between the critical infrastructure CSP customers and the government. However, when a CSP customer voluntarily agrees, the CSP may share limited and anonymized information with ECS. See the Privacy Impact Assessment below for more details.