DHS, DOJ issue guidelines, procedures for sharing cyber threats
DHS and the DOJ issued guidelines for private and public sector cyber threat sharing.
The Department of Homeland Security (DHS), along with the Department of Justice, issued two sets of guidelines and procedures, required by the Cybersecurity Act of 2015, for federal agencies and the private sector to use regarding the sharing of cyber threat indicators.
The department issued one set of guidelines to help non-federal entities share cyber threat indicators and defensive measures, and another set detailing how the federal government will share and use that information.
The DHS also issued interim guidelines to define how the department will implement its own process to conduct a privacy review of received information and ensure compliance with the new law over time.
Secretary Jeh C. Johnson said in a statement Tuesday that his department has improved its sharing system and added new capabilities to address the requirements of the new law.
“We know many cyber intrusions can be prevented if we share cyber threat indicators,” Johnson said. “These can include, for example, the subject line of a spear phishing email, or the IP address of the computer from which it originated,” he said.
Johnson contended that by sharing this kind of information in real time and by swiftly applying defensive measures, the government and private sector can work together to more effectively prevent attacks.
Johnson said he encourages companies to work with the DHS to set up the technical infrastructure needed to share and receive cyber threat indicators in real time. He said that he welcomes feedback from privacy advocates and private sector participants in the Automated Indicator Sharing system.