generated from cloud-gov/pages-uswds-jekyll
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Create News “watchdog-finds-‘sufficient’-cyber-threat-sharing-at-agen…
…cies-but-barriers-remain”
- Loading branch information
Showing
1 changed file
with
35 additions
and
0 deletions.
There are no files selected for viewing
35 changes: 35 additions & 0 deletions
35
...hdog-finds-‘sufficient’-cyber-threat-sharing-at-agencies-but-barriers-remain.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| --- | ||
| layout: news | ||
| publisher: NEXT GOV | ||
| title: Watchdog finds ‘sufficient’ cyber threat sharing at agencies, but | ||
| barriers remain | ||
| url-link: https://www.nextgov.com/cybersecurity/2024/01/watchdog-finds-sufficient-cyber-threat-sharing-agencies-barriers-remain/393219/ | ||
| publication-date: January 09, 2024 | ||
| description: The Intelligence Community Inspector General's biennial update on | ||
| cybersecurity information sharing indicates progress in the last two years, | ||
| but also identifies persistent challenges. The report evaluates the | ||
| implementation of the Cybersecurity Information Sharing Act of 2015, involving | ||
| input from various departments and the Office of the Director of National | ||
| Intelligence (ODNI). While policies, procedures, and guidelines for sharing | ||
| cyber threat indicators are deemed sufficient, issues such as reluctance to | ||
| share outside the federal collection, over-classification of information, and | ||
| resource constraints hinder effective information sharing. Departments like | ||
| Commerce prefer to share only within the federal collection, and private | ||
| companies hesitate due to potential legal and competitive concerns. | ||
| Over-classification and the effort required to declassify information delay | ||
| its use, and transferring information from classified to unclassified systems | ||
| poses difficulties. Additionally, resource constraints affect the review of | ||
| incoming information, and concerns about the quality of cyber information and | ||
| the functionality of tools like CISA's Automated Indicator Sharing capability | ||
| further complicate the sharing process. | ||
| synopsis: >- | ||
| * **Progress in Cyber Threat Information Sharing:** The report acknowledges | ||
| improvements in cyber threat information sharing within the government over | ||
| the last two years. | ||
| * **Challenges in Sharing Outside Federal Collection:** Some departments, like Commerce, are reluctant to share outside the federal collection, and private companies are hesitant due to legal and competitive concerns. | ||
| * **Over-Classification and Declassification Issues:** Concerns about over-classification hinder information sharing, and the process of declassifying information is seen as a significant delay. | ||
| * **Resource Constraints:** Agencies face challenges due to a lack of personnel to review incoming information, affecting the effectiveness of information sharing. | ||
| --- |