Critical Infrastructure Security, Incident Response, TDR

DHS launches two-way threat sharing system for public-private collaboration

The Department of Homeland Security (DHS) has declared itself officially ready to exchange cybersecurity intelligence with private industries and other organizations using an automated threat-sharing system, under the terms of the Cybersecurity Act of 2015.

Central to this announcement was the deployment of DHS's new Automated Indicator Sharing (AIS) system, the tool that the DHS and other federal agencies will use to electronically share cyberthreat data, in virtually real-time, with businesses, critical infrastructure partners, non-profits, academic institutions, foreign allies, Information Sharing and Analysis Centers (ISACs) and Information Sharing and Analysis Organizations (ISAOs). In an announcement posted on DHS' web site, the agency stated that “when one participant detects a threat, all participants in AIS will learn about it.”

DHS launched the AIS system yesterday at its National Cybersecurity and Communications Integration Center in Virginia, in the presence of key U.S. officials including DHS Secretary Jeh Johnson; U.S. Rep. Michael McCaul (R-Tex.), chairman of the House Committee on Homeland Security; and Rep. John Ratcliffe (R-Tex.).

Yesterday was the official deadline imposed by the Cybersecurity Act of 2015 to commence automated two-way sharing of cyberintelligence. While AIS technically launched in time, the DHS acknowledged that its standards will still continue to evolve over time as additional entities join this information-sharing ecosystem. Businesses that choose to participate will be broadly shielded from civil, regulatory or antitrust liability for any actions related to the sharing of cyberthreat information.

The National Retail Federation, a strong proponent of the Cybersecurity Information Sharing Act (CISA) upon which the Cybersecurity Act of 2015 was built, applauded the launch of AIS in an emailed statement to “Sharing information on cyberthreats will create an atmosphere of community vigilance that will ensure that consumers' sensitive data is kept safe,” said David French, senior vice president for government relations at the NRF.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.