Incident Response, Network Security, TDR, Threat Management

DHS, DOJ issue guidelines, procedures for sharing cyber threats


The Department of Homeland Security (DHS), along with the Department of Justice, issued two sets of guidelines and procedures, required by the Cybersecurity Act of 2015, for federal agencies and the private sector to use regarding the sharing of cyber threat indicators.


The department issued one set of guidelines to assist non-federal entities on how to share cyber threat indicators and defensive measures, and another set to detail how the federal government will share and use said information.

The DHS also issued interim guidelines to define how the department will implement its own process to conduct a privacy review of received information and ensure compliance with the new law over time.

Secretary Jeh C. Johnson said in a statement Tuesday that his department has improved its sharing system and added new capabilities to address the requirements of the new law.

“We know many cyber intrusions can be prevented if we share cyber threat indicators,” Johnson said. “These can include, for example, the subject line of a spear phishing email, or the IP address of the computer from which it originated,” he said.

Johnson contended that by sharing this kind of information in real-time and by swiftly applying defensive measures, the government and private sector can work together to more effectively prevent attacks.  

Johnson said he encourages companies to work with the DHS to set up the technical infrastructure needed to share and receive cyber threat indicators in real-time. He said that he welcomes feedback from privacy advocates and private sector participants in the Automated Indicator Sharing system.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.