via Fierce Government IT
Defense Department cybersecurity pilots conducted with Internet service providers and telecom companies to protect portions of the defense industrial base should be expanded to include behavioral pattern-based threat detection, says the report accompanying the Senate Armed Services Committee’s fiscal 2012 defense authorization bill.
The committee unanimously approved the bill June 17, authorizing $682.5 billion for Defense and Energy department programs in the coming fiscal year: $553 billion for the DoD base budget, $117.8 for overseas operations, and $18.1 billion for Energy nuclear stockpile programs. The budget trims $6.4 billion from requested fiscal 2012 DoD spending, with $5.9 billion of that coming from the base budget. The bill now faces a vote by the full Senate and reconciliation with the House-approved authorization measure, which would permit the DoD to spend $690.1 in the coming fiscal year, which starts Oct. 1.
The report language notes that the DoD is already engaged in setting up cybersecurity pilots with ISPs to test their ability to employ classified threat signatures on private-sector infrastructure. But, the pilots should also test ISP-generated behavioral pattern-threat capabilities, the report says.
The Homeland Security Department and the Office of Management and Budget already have underway a program to use ISPs as the foundation for the defense of the .gov domain, with the program employing signature and behavioral-pattern capabilities, the report adds.