News Feature | October 9, 2014

IG Report Recommends Ways To Boost ECS's Participation Rate, Efficiency

Christine Kern

By Christine Kern, contributing writer

IG Report Recommends Ways To Boost ECS’s Participation Rate, Efficiency

A report from the Office of Information Technology Audits “Implementation Status of the Enhanced Cybersecurity Services (ECS) Program,” makes three recommendations for improving the ECS program. The overall purpose of the inspector general’s report was “to determine the effectiveness of the ECS program to disseminate cyber threat and technical information with the critical infrastructure sectors through commercial service providers.”

It has been more than a year since Executive Order 13636 directed the Department of Homeland Security to expand the ECS program to voluntarily share classified and unclassified threat indicators to all 16 critical infrastructure sectors. Although the National Protection Programs Directorate (NPPD) has made progress, according the report’s executive summary, “the Enhanced Cyber Security Services program has been slow to expand because of limited outreach and resources. In addition, cyber threat information sharing relies on NPPD’s manual reviews and analysis, which has led to inconsistent cyber threat indicator quality.”

The report recommends the Assistant Secretary, Office of Cybersecurity and Communications:

  1. ensure sufficient resources for security validation and the accreditation process for commercial services providers (CSPs) and operational implementers (OIs).
  2. improve the ECS’s outreach across all infrastructure sectors, including services providers.
  3. develop a system to manage and analyze cyber threat indicators for the program.

The report states NPPD concurred with the first recommendation; interest from CSPs and OIs was higher than the department anticipated, with 22 memorandums of agreement with interested parties as of May 2014. The report also points out, “It is also important to highlight that the Federal Government — through DHS — is sharing Government Furnished Information that may be classified up to the Top Secret Sensitive Compartmented Information to qualified CSPs/OIs. The classification of the information and purpose of the system dictates an intensive security process. This combined with various CSP architectures creates a highly involved, yet cooperative process, between CSP/OI and DHS.”

NPPD also concurred with the second recommendation to improve ECS’s outreach. The program management office is drafting a targeted ECS outreach strategy, which was set to be finalized this month.

The report states the third recommendation should be closed, as the Cyber Indicator Analysis Platform provides the capability to manage and analyze cyber threat indicators. The installation and accreditation of the platform was completed on May 16, 2014.