InfoBytes Blog
Department of Homeland Security Publishes CISA Procedures and Guidance
On February 16, the DHS published guidance for both private and federal entities on the sharing of cyber threat indicators with the federal government. As required by the Cybersecurity Information Sharing Act of 2015 (CISA), the DHS and the DOJ jointly released the following four documents: (i) Sharing of Cyber Threat Indicators and Defensive Measures by the Federal Government; (ii) Guidance to Assist Non-Federal Entities to Share Cyber Threat Indicators and Defensive Measures with the Federal Entities; (iii) Interim Procedures Related to the Receipt of Cyber Threat Indicators and Defensive Measures by the Federal Government; and (iv) Privacy and Civil Liberties Interim Guidelines. The first two documents focus on assisting private sector and federal entities identify indicators and defensive measures for cybersecurity threats. The third document establishes procedures relating to the receipt of certain cyber threat indicators and defensive measures by all federal entities under CISA. The fourth document establishes interim privacy and civil liberties guidelines for federal entities on the receipt, retention, use, and dissemination of cyber threat indicators.