DHS releases guidelines for CISA-sanctioned cybersecurity information sharing

The US Department of Homeland Security has published guidelines on how the private sector and federal entities can share cyber threat indicators (CTIs) with the US federal government.


The Department has also provided interim policies and procedures for how federal entities can receive and use CTIs, privacy and civil liberties guidelines for receiving, storing, using and disseminating them, and guidance on how federal agencies can share information in the government’s possession.

These guides are meant to ensure that the entities that want to take advantage of the Cybersecurity Information Sharing Act (CISA), signed into law last December, can do so in a simple and standardized manner, and that those who receive the information know exactly how to use it and disseminate it.

Among other things, CISA allows companies to share information (CTIs, defensive measures) about cyber attacks they suffered with government agencies, without having to worry about getting sued by users for breach of privacy.

The sharing will be executed through the Department’s Automated Indicator Sharing (AIS) initiative, and will result in its National Cybersecurity and Communications Integration Center (NCCIC) receiving CTIs from the various entities, anonymizing them, and disseminating them to some or all of the above-mentioned federal, non-federal and private sector entities.

Those who, for whatever reason, don’t want to join the AIS, can still share CTIs and defensive measures via email or web form.