DHS has announced a new platform that allows the government and the private sector to exchange cybersecurity threat information with one another as part of a larger federal push to bolster cybersecurity.
The Automated Indicator Sharing (AIS) initiative is a capability that DHS has developed to enable the timely exchange of cyber threat indicators among the federal departments and agencies and the private sector and other non-federal entities. This capability supports federal departments and agencies and the private sector and other non-federal entities in addressing cyber threats to public health and safety, national security, and economic security while ensuring appropriate privacy, civil liberties, and other compliance protections.
The platform, which is voluntary, will ingest indicators from government and private-sector sources, automatically remove unnecessary personally identifiable information, then disseminate the indicators to participants. Companies can sign up to receive the feed, but don’t have to share indicators themselves
The Cybersecurity Information Sharing Act, which became law in December 2015, gives companies liability protection that allows them to share indicators with the government. About 58% of respondents at the CIO Network conference said the new law would make it more likely for them to cooperate with the government if their systems were hacked.
The platform uses technical specifications including the Trusted Automated eXchange of Indicator Information (TAXII), which defines a set of services and message exchanges that, when implemented, enable sharing of actionable cyber threat information. It also uses Structured Threat Information eXpression (STIX), a collaborative effort to develop a structured language to represent threat information.
That architecture would allow it to work with industry-led Information Sharing and Analysis Centers, known as ISACs, which promote information sharing among companies. Chief information officers and security leaders have said ISACs provide valuable networking opportunities but don’t always produce meaningful results for their businesses.