It was announced on May 19 in several sources, including Federal Computer Week and CNET News, that Microsoft has launched a pilot program for government organizations and providers of critical infrastructure to have right of entry to in-depth technical information about operating system patches before they are publicly released. The new program, the Defensive Information Sharing Program (DISP), will commence as a pilot program this summer and blossom into a full program later this year.
Since the goverment has dual roles in (a) protecting the critical infrastructure and government assets from attacks as well as (b) serving as the entity that coordinates defensive actions between both private and public sectors to ensure protection from computer-based attacks, those roles mandate access to critical information as early as possible in order to assess, plan and execute defensive actions. DISP is aimed at sharing key technical information in a structured, secure manner with government entities at the national level on Microsoft vulnerabilities and strategies to aid in securing critical infrastructure, understanding the threat to Microsoft’s technology environment and making defensive risk assessments decisions more quickly.
A second program, the Critical Infrastructure Partner Program (CIPP), will provide valuable insights on security policy.