Cybersecurity Information Sharing Act Procedures and Guidance Released
- Guidance for non-Federal (mostly, private-sector) entities on the sharing of cyber threat indicators and defensive measures;
- Guidance for Federal entities on the sharing of cyber threat indicators and defensive measures;
- Interim procedures related to the receipt of such information by the federal government; and
- Privacy and civil liberties interim guidelines.
A Federal Register notice (currently available here for pre-publication review) from DHS is scheduled to be published on February 18, 2016.
Notably, the guidance, procedures, and guidelines are expected to influence the Information Sharing and Analysis Organizations (ISAO) standards development effort (more here). While the ISAO standards development effort is not expected to recreate the DHS-DOJ documents, best practice recommendations for ISAOs to implement and apply the newly released guidance documents, procedures, and guidelines are under consideration.