DHS Aiming for Tweaks to Cyber Information Sharing Program in 2018, Manfra Says
The Department of Homeland Security's National Protection and Programs Directorate is aiming to tweak its Automated Indicator Sharing (AIS) program in the coming months in a bid to improve the quality of cybersecurity information the department sends to the private sector, said DHS Assistant Secretary-NPPD Office of Cybersecurity and Communications (OCC) Jeanette Manfra during a Thursday USTelecom event. The 2015 Cybersecurity Act, which made DHS the main civilian portal for cyber information sharing, directed the department to create AIS as its main civilian cybersecurity information sharing portal (see 1512180052).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
More than 200 entities have signed up to receive information from AIS but some of those organizations have told DHS that the indicators they're receiving thus far “aren't very useful to me,” Manfra said. "I've already got a pretty sophisticated capability." Entities with built-in refined cyber capabilities should focus more on being a contributor to the AIS portal than a recipient, but NPPD recognizes that it needs to be providing additional context for the information it disseminates, Manfra said. The department is aiming to collect more feedback from participants “because the more understanding that we get” on how entities are using AIS-provided indicators, the “more that we can understand differentiating these different indicators and doing more analysis,” she said.
NPPD is also aiming to increase collaboration with the private sector via its Cyber Information Sharing and Collaboration Program, Manfra said. The department was encouraged by its sharing of draft analyses of data on the WannaCry ransomware attack (see 1705150008 and 1705120055) with the private sector and wants “to continue to push” for additional collaboration in the future, she said. “We're building that capability to have more of those analysts available to industry” on a regular basis so “we can talk about these long-term potentially catastrophic or systemic risks.”
Manfra said she also will focus on internal improvements to OCC, including its data analysis capabilities. “The uniqueness of where DHS sits is at this brilliant … nexus of data and partnerships,” she said. “Previously we were focused on the data collection” side and “now it's got to be about investing in the analytic capability.” OCC's value is in “turning that data into information that is useful for people to make risk-based decisions, whether that's very tactical and quick in response to an incident” or “understanding the big-picture risk,” Manfra said.
Federal and private sector officials emphasized the increasing importance of collaborating and cooperating on implementation of cybersecurity policies, such as elements of President Donald Trump's 2017 cybersecurity executive order. The EO in part directed DHS and the Office of Management and Budget to assess all federal agencies' cybersecurity risks and required agencies to manage their risk using the National Institute of Standards and Technology's Cybersecurity Framework (see 1705110058). “Our collective national and economic security depends entirely on our ability to secure the digital infrastructure that binds it together,” said USTelecom CEO Jonathan Spalter. Trump's order forced federal agencies to accept that cybersecurity is “too complicated” a topic for them to tackle individually, said DHS Deputy Assistant Secretary-Cybersecurity Policy Tom McDermott. “We need to do it together.” He said DHS and the FBI have been working together on cybersecurity “much more closely” than “was ever the case before.”