The Cybersecurity and Infrastructure Security Agency (CISA) is aiming to make improvements to a program designed to share cyber threat data between government and the private sector entities – at the same time as the Department of Homeland Security’s (DHS) Office of the Inspector General (OIG) issued a report calling for several specific program improvements.
The DHS OIG report concludes that CISA has made only limited progress on improving the overall quality of cyber threat data that it shares with Automated Indicator Sharing (AIS) participants under a program that aims to reduce cyber threats.
In a bid to improve the effectiveness of the AIS program, CISA said it intends to build its national cyber threat information sharing strategy in collaboration with partners and stakeholders – a project it plans to complete by September 2021.
“CISA’s lack of progress in improving the quality of information it shares can be attributed to a number of factors, such as limited numbers of AIS participants sharing cyber indicators with CISA, delays receiving cyber threat intelligence standards, and insufficient CISA office staff,” the OIG report said. “To be more effective, CISA should hire the staff it needs to provide outreach, guidance, and training.”
To improve the quality of information CISA shares, the OIG made four recommendations—all of which the agency agreed to. The recommendations are:
- Developing an approach to encourage Federal and private AIS participants to share information with CISA and become data producers under the AIS program;
- Collaborating with the Organization for the Advancement of Structured Information Standards to expedite approval of new standards so AIS upgrades can be completed;
- Promoting the AIS program through increased outreach, training, technical assistance, and information sharing forums for Federal and private entities; and
- Placing priority on hiring administrative and operational staff needed to conduct outreach, training, and performance measurement to improve the AIS program’s effectiveness.
“CISA notes OIG’s recognition that CISA has made progress by addressing the basic information sharing requirements of the Cybersecurity Act of 2015. CISA also remains committed to improving the overall quality of information it shares with [AIS] participants, as well as mitigating evolving security threats and vulnerabilities to the Nation’s systems and networks,” CISA Director Christopher Krebs wrote in response to the report.