OCR of the Document

View the Document >>

Department of Homeland Security, DHS Can Improve Cyber Threat Information Sharing, November 6, 2017. Unclassified.

OFFICE OF INSPECTOR GENERAL Department of Homeland Security FOR IMMEDIATE RELEASE Monday November 6 2017 For Information Contact Public Affairs 202 254-4100 DHS Can Improve Cyber Threat Information Sharing In a newly released report the Department of Homeland Security DHS Office of Inspector General OIG found that while DHS has established a process for sharing cyber threat information between the Federal government and the private sector improvements are still needed DHS has developed the capability to share cyber threat information and defensive measures among Federal state local tribal and territorial governments the private sector information sharing analysis centers and organizations and foreign government companies DHS has also properly classified cyber threat indicators and defensive measures and accounted for the security clearances of private sector recipients who receive such information Despite this progress DHS still faces challenges to effectively share cyber threat information across Federal and private sector entities DHS' system is focused on volume velocity and timeliness of information but does not provide the quality contextual data needed to effectively defend against ever-evolving threats Because the system is automated with pre-determined data fields it may not always provide adequate information regarding specific incidents tactics techniques and procedures that unauthorized users used to exploit software vulnerabilities Given these limitations Federal and private sector partners sometimes rely on other systems or participate in other DHS information sharing programs to obtain quality cyber threat data Moreover the unclassified and classified databases and repositories are not integrated restricting analysts' ability to compile complete situational awareness of potential threats Finally DHS should also enhance its outreach to increase participation and improve information sharing We made five recommendations for the National Protection Programs Directorate to improve its information sharing capability DHS needs to ensure that cyber threat information sharing between federal and private partners is effective said Inspector General John Roth The improvements we are recommending today should increase participation and enhance DHS' ability to analyze coordinate and share cyber threat information ###                     National Security Archive    Suite 701  Gelman Library  The George Washington University    2130 H Street  NW  Washington  D C  20037    Phone  202 994‐7000  Fax  202 994‐7005  nsarchiv@gwu edu