September 23, 2019

September 20, 2019

Subscribe to Latest Legal News and Analysis

DHS Releases Guidance for Sharing Cyber Threat Indicators and Defensive Measures

The US Department of Homeland Security (DHS) issued guidance to facilitate and promote timely and proper sharing of cyber threat indicators (CTIs) and defensive measures (DMs) under the Cybersecurity Information Sharing Act of 2015 (CISA), which was passed as part of the Cybersecurity Act of 2015. The DHS also released guidance about interim procedures for federal entities related to receiving cyber threat indicators and defensive measures, privacy and civil liberties, and how to assist nonfederal entities with sharing cyber threat indicators and defensive measures with federal entities.

Highlights of the guidance for sharing CTIs and DMs under CISA include the following:

  • Directing the director of national intelligence, the secretary of DHS, the secretary of defense, and the attorney general, along with the heads of appropriate federal entities to develop and promote

    • timely sharing

      • of CTIs and DMs in the possession of the federal government with representatives of relevant federal entities and nonfederal entities that have appropriate security clearances;

      • with relevant federal entities and nonfederal entities of CTIs, DMs, and information relating to cybersecurity threats or authorized uses in the possession of the federal government that may be declassified and shared at an unclassified level;

      • with relevant federal entities and nonfederal entities or the public. if appropriate, of unclassified (including controlled unclassified) CTIs and DMs in the possession of the federal government; and

      • with federal entities and nonfederal entities, if appropriate, of information relating to cybersecurity threats or authorized uses in the possession of the federal government about cybersecurity threats to such entities to prevent or mitigate adverse effects from such cybersecurity threats.

  • periodic sharing, through publication and targeted outreach, of cybersecurity best practices, with attention to accessibility and implementation challenges faced by small businesses.

Copyright © 2019 by Morgan, Lewis & Bockius LLP. All Rights Reserved.

TRENDING LEGAL ANALYSIS


About this Author

Emily Lowe, Corporate finance Attorney, Morgan Lewis
Of Counsel

Emily R. Lowe represents clients in commercial transactions, with a focus on the acquisition, use, protection, development, and commercialization of technology and biotechnology. Emily helps domestic and international companies commercialize their products through various commercial vehicles, including manufacturing and supply agreements and distribution strategies, and development and licensing agreements.

412.560.7438
Susan Milyavsky, Morgan Lewis, technology attorney
Associate

Susan Milyavsky focuses her practice on technology, outsourcing, and commercial contracting matters. She drafts and negotiates outsourcing, consulting and professional services, and other business process outsourcing deals for functions such as information technology, finance and accounting, human resources, and procurement.

212.309.6982