The Department of Defense’s (DoD) Cyber Crime Center (DC3) is launching a pilot program for Defense Industrial Base (DIB) companies to participate in their Vulnerability Disclosure Program (VDP), which shares vulnerability data and aims to improve cyber hygiene.
In a tweet announcing the DIB-VDP Pilot Program, DC3 wrote, “If you’re a small to medium sized DIB company and are interested in attending an industry day on Feb 12th to learn how this free, DoD-provided capability will improve your #cyberhygiene please send an email to DIB-VDP@dc3.mil for an invite. Application window opens after event!”
The pilot program will launch on April 5, in collaboration with the Defense Counterintelligence and Security Agency (DCSA) and the DoD DIB Collaborative Information Sharing Environment (DCISE).
DC3 said the pilot program was based upon a “strong recommendation” from Carnegie Mellon University’s Software Engineering Institute, which conducted a feasibility study for the pilot program.
In the study, the university’s Software Engineering Institute said the program would be “the most effective means of sharing vulnerabilities with DIB companies since it allows for not only potential mitigation of vulnerabilities, but also encourages vulnerability discovery in DIB company internet-facing information systems.”