Moreover, there are doubts from some companies about how actionable the data they receive will really be. "Once you get the data, how much of it can be disseminated within your organization beyond this bubble of classified folks is also going to be problematic...," Braunberg said.
Just because the government considers information classified doesn't mean it's secret. "A lot of this general information is over-classified to begin with," Bambenek said.
"There are times that I've picked up on things that I later learned through the grapevine are being disseminated as classified," he continued. "If I had security clearance, that would complicate my ability to discuss things that I found through open-source intelligence gathering that later became classified."
While ECS hasn't caught fire yet, it's still too early to judge its success or failure, noted Greg Garcia, founder and principal of Garcia Cyber Partners and a former DHS assistant secretary for cybersecurity.
"DHS is just getting this off the ground," he said in an interview. "If someone shows you a shiny new watch, you want to assess whether it keeps good time, is reliable and is cost effective. The cost-benefit analysis is what companies are undertaking right now."
Another development may be giving companies pause: The recent controversy over government snooping. "There's certainly a lot of people taking a step back and looking at how involved they want to be in light of the PR heat over PRISM," Bambenek said.
Garcia added: "Might there be companies looking at ECS and see the PR concerns around PRISM and slow down their movement? Maybe so. They may want to lay low. But this will pass and then the question to be asked and answered will be, 'Is this program going to be cost effective for the companies?'"
Sign up for CIO Asia eNewsletters.