DHS Official: Data Sharing Platform Set to go Live Soon

Posted by

Andy Ozment, assistant secretary-Office of Cybersecurity and Communications at the Department of Homeland Security’s National Protections and Programs Directorate, said today that DHS expects to go live in the next couple of months with a new platform that will combine cyber threat indicators gathered by DHS as well as threat data received from the private sector. Speaking at an event organized by the Utilities Telecom Council, Mr. Ozment said DHS has been piloting the new sharing platform for the past year, and expects to “go live” with it “in a couple of months.”  He continued, “That’s the goal with indicators . . . We’ve made tremendous efforts in the past few years, but particularly in the last year.”

He noted that while Congress continues to consider legislation that would make it easier for the private sector – by conferring liability protections, among other steps – to share threat data with the federal government, DHS will continue to share threat data with willing parties regardless of whether current legislative efforts become law.   Speaking of tactical threat data, he said, “we share that with companies all day, right now.”

Mr. Ozment continued, “Companies that care right now share information” with DHS.  But, he said, “I have to make it easier” for private sector entities to share threat data with the government, and he said that legislation providing for liability protections to private sector entities that share data with the government will help to decrease the perceived risk of sharing.

If Congress does not act, DHS will continue to “concentrate on delivering value” through threat data sharing and existing arrangements including the Critical Infrastructure Cyber Information Sharing and Collaboration Program (CISCP) and the Enhanced Cybersecurity Services (ECS) program, Mr. Ozment said.  The latter program, he said, involves the sharing of DHS-developed threat indicators through private intrusion prevention service providers including Verizon Communications, Inc., AT&T, Inc., CenturyLink, Inc., and Lockheed Martin.

Mr. Ozment also recapped DHS’s mission to help utilities and other critical infrastructure sectors improve cybersecurity, including through supply chain risk assessments, raising awareness on security best practices, and promoting private sector security efforts in the private sector at the board of directors and senior executive levels.   “Target and Sony have helped us tremendously in raising awareness,” he jokingly said, adding that since those and other high-profile network hacks in the past few years, DHS is seeing “tremendous new awareness” of security issues among corporate directors.  – John Curran, john.curran@wolterskluwer.com

Courtesy TRDaily