24 August 2017
visit www.avoka.com

Obama to push cybersecurity threat sharing

16 February 2015  |  1835 views  |  0 Source: The White House (US Government)

Today, President Obama will sign an Executive Order to encourage and promote sharing of cybersecurity threat information within the private sector and between the private sector and government.

Rapid information sharing is an essential element of effective cybersecurity, because it enables U.S. companies to work together to respond to threats, rather than operating alone. This Executive Order lays out a framework for expanded information sharing designed to help companies work together, and work with the federal government, to quickly identify and protect against cyber threats.

Encouraging Private-Sector Cybersecurity Collaboration

Encourage the development of Information Sharing Organizations: This Executive Order encourages the development of information sharing and analysis organizations (ISAOs) to serve as focal points for cybersecurity information sharing and collaboration within the private sector and between the private sector and government. Information Sharing and Analysis Centers (ISACs) are already essential drivers of effective cybersecurity collaboration, and could constitute ISAOs under this new framework. In encouraging the creation of ISAOs, the Executive Order expands information sharing by encouraging the formation of communities that share information across a region or in response to a specific emerging cyber threat.  An ISAO could be a not-for-profit community, a membership organization, or a single company facilitating sharing among its customers or partners.

Develop a common set of voluntary standards for information sharing organizations: The Executive Order also directs the Department of Homeland Security to fund the creation of a non-profit organization to develop a common set of voluntary standards for ISAOs. Developing this baseline will enable ISAOs to quickly demonstrate their policies and security protocols to potential partners. This will make collaboration safer, faster, and easier, and ensure greater coordination within the private sector to respond to cyber threats.

Enabling Better Private-Public Information Sharing

Clarify the Department of Homeland Security’s authority to enter into agreements with information sharing organizations: The Executive Order also increases collaboration between ISAOs and the federal government by streamlining the mechanism for the National Cybersecurity and Communications Integration Center (NCCIC) to enter into information sharing agreements with ISAOs. This will ensure that robust, voluntary information sharing continues and expands between the public and private sectors. The administration intends this expanded sharing to complement existing effective relationships between government and the private sector.

Streamline private sector companies’ ability to access classified cybersecurity threat information: Classified threat information can often provide valuable context to network defenders and enhance their ability to protect their systems. The Executive Order adds the Department of Homeland Security to the list of Federal agencies that approve classified information sharing arrangements and takes steps to ensure that information sharing entities can appropriately access classified cybersecurity threat information.

Providing Strong Privacy and Civil Liberties Protections

The Executive Order ensures that information sharing enabled by this new framework will include strong protections for privacy and civil liberties. Private sector ISAOs will agree to abide by a common set of voluntary standards, which will include privacy protections, such as minimization, for ISAO operation and ISAO member participation. In addition, agencies collaborating with ISAOs under this order will coordinate their activities with their senior agency officials for privacy and civil liberties and ensure that appropriate protections for privacy and civil liberties are in place and are based upon the Fair Information Practice Principles.

Paving the Way for Future Legislation

The Executive Order also complements the Administration’s January 2015 legislative proposal, and paves the way for new legislation, by building out the concept of ISAOs as a framework for the targeted liability protections that the Administration has long asserted are pivotal to incentivizing and expanding information sharing. The Administration intends this proposal to complement and not to limit existing effective relationships between government and the private sector.

Comments: (0)

Comment on this story (membership required)

Related blogs

Create a blog about this story (membership required)
visit www.worldpaymentsreport.comvisit www.niceactimize.comvisit www.vasco.com

Top topics

Most viewed Most shared
Rabobank constructs physical model to understand IT architectureRabobank constructs physical model to unde...
21711 views comments | 45 tweets | 90 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
12131 views comments | 22 tweets | 35 linkedin
Australia regulates digital currenciesAustralia regulates digital currencies
11594 views comments | 21 tweets | 35 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
11325 views comments | 10 tweets | 8 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
10937 views 0 | 7 tweets | 1 linkedin

Featured job

New York, NY - USA (some flexibility on location)

Find your next job