The Department of Homeland Security’s (DHS) Automated Indicator Sharing (AIS) was recently the focus of a House Homeland Security Subcommittee on Cybersecurity and Infrastructure hearing that examined how effectively cyber threat information sharing practices are advancing national security.
The AIS program now shares information on cyber threats with more than 10,000 agencies, and its reach continues to grow.
U.S. Rep. John Ratcliffe (R-TX), the chairman of the subcommittee, said information among the public and private sectors is “absolutely critical” to address increasing cyber threats that Americans face each day.
“With an actual reach of more than 10,000 organizations, it’s clear that AIS is an extremely powerful tool when we put it to work the right way,” Ratcliffe said. “That’s why we must continue working to ensure we are leveraging it to its full potential.”
Agencies participating in AIS are connected to a system operated by DHS’ National Cybersecurity and Communications Center that allows for bidirectional sharing of cyber threat indicators. In addition to receiving threat indicators, participating agencies can share them using servers housed at their location.
Ann Barron-Dicamillo, the vice president of cyber intel and incident response for American Express, testified that AIS would be more effective for mature organizations in the critical infrastructure community if it offered timelier indicator sharing, more context for indicators, and continual improvements to ensure quality information is shared.
Patricia Cagliostro, a federal solutions architect manager for Anomali, highlighted the importance of threat indicator sharing among private- and public-sector entities.
“Organizations in both the public and private sector need tools to manage and integrate the overwhelming amount of threat intelligence before they’re ready to share,” she said. “When they are ready to share, trust and ease of use are critical for success.”