Dive Brief:
- The U.S. Department of Homeland Security said it plans to begin sharing cyber threat intelligence with corporations, including the indicators but not information from individual incidents.
- DHS assistant secretary of the Office of Cybersecurity and Communications, Andy Ozment, discussed the plans at the Wall Street Journal's CIO Network Conference in California on Tuesday. The department plans to share the threat information automatically.
- The new Cybersecurity Information Sharing Act gives businesses "liability protection," allowing them to share cybersecurity information with the government, the Journal reported.
Dive Insight:
DHS plans to start working with a small number of companies in about two weeks, Ozment said. The agency has created technical specifications such as the Trusted Automated eXchange of Indicator Information (TAXII), and the Structured Threat Information eXpression (STIX) to facilitate the exchange of information.
Companies will share “threat indicators” with DHS without identifying specific breaches or affected individuals. In turn, the DHS will share that same information with other businesses.
A report released last week by the Government Accountability Office found that DHS’ National Cybersecurity Protection System, is partially, but not fully, meeting its stated system objectives. The system is intended to provide the government “capabilities to detect malicious traffic traversing federal agencies' computer networks, prevent intrusions and support data analytics and information sharing,”