The Department of Homeland Security (DHS) on Tuesday said it has published guidance for federal and non-federal entities share cyber threat data with a department watch center as part of the implementation of congressional legislation approved last December.
The new guidelines, which are available on the department’s website, provide a “clear understanding” for how federal agencies and the private sector can share cyber threat indicators with the National Cybersecurity and Communications Integration Center (NCCIC) and “how the NCCIC will share and use that information,” Homeland Security Secretary Jeh Johnson said in a statement Tuesday evening.
In addition to the information sharing guidance, DHS also published interim privacy and civil liberties guidelines. These guidelines were mandated by the Cybersecurity Act of 2015, which the Obama administration supported.
The new law also provides limited liability protections for private entities that voluntarily share cyber threat indicators with DHS, a provision that has long been deemed key in incentivizing companies to let the department know if it is the subject of a cyber attack or have been hacked.
Johnson stated that even before the law was passed, “we had already made significant progress in sharing information in real-time through our Automated Indicator Sharing (AIS) system. This system allows automated, two-way sharing of cyber threat indicators with clear guidance on how to participate and what to expect.”
Johnson also said that with the new law in place, the information sharing system has been improved with new capabilities.
“I encourage companies to work with DHS to set up the technical infrastructure needed to share and receive cyber threat indicators in real time,” Johnson said.
The privacy protections require companies to remove personal information before it is shared with the government and for DHS to also review shared information for privacy concerns.
Johnson asked for feedback from the private sector and privacy advocates on the interim privacy guidelines before the statutory deadline in June.
DHS wants improved sharing of cyber threat data to enhance situational awareness of cyber threats so that the government and private sector can better prevent attacks.