DHS to kick off cybersecurity data sharing with private sector this month
The Department of Homeland Security plans to begin sharing cybersecurity threat indicators automatically with private industry this month.
To facilitate the exchange technically, the department has developed specifications such as the Trusted Automated Exchange of Indicator Information, or TAXII, and the Structured Threat Information Expression, or STIX, Andy Ozment, the agency's assistant secretary of the Office of Cybersecurity and Communications, told a conference sponsored by the Wall Street Journal this week.
TAXII defines a set of services and message exchanges that enable sharing of cyberthreat information, while STIX is an effort to develop a standardized language to represent cyberthreat information.
Ozment stressed that the information being shared would be indicators, not details about breaches.
To facilitate the exchange of information legally, Congress passed and President Barack Obama signed into law the Cybersecurity Information Sharing Act (CISA), which eases legal barriers for companies sharing cybersecurity information with the government. Critics, however, argued that CISA does not go far enough to protect the privacy of individuals whose information is being shared with the government.
DHS intends to start small with only a few companies sharing cybersecurity data this month, but the program will eventually be expanded to a broad set of companies.
"We want to live in a world where sharing indicators is like an immune system," Ozment concluded.
- read the Journal article