Category Archives: ais

Why is it so hard to sign up for the feds’ cyberthreat information sharing program?

Posted on by

A little more than a year since the Department of Homeland Security launched the Automated Indicator Sharing program, private sector adoption of the cyberthreat information service has been sluggish. Critics have said the data has problems with quality and timeliness. But some experts say there’s another — and perhaps more important — issue: For most companies, it’s just too darn hard to sign up. One private sector executive who spoke to CyberScoop but asked for anonymity to preserve relationships at DHS, said company leaders “reared back hard” when they discovered what was involved in getting onboarded to AIS, which shares cyberthreat indicators gleaned from U.S. intelligence with the private sector. “You have to negotiate a special deal, which means lawyers’ time. You have to buy and install special equipment … You need people working on it … When you add it all up, it was a six-figure proposition with no [return on investment] you can […]

The post Why is it so hard to sign up for the feds’ cyberthreat information sharing program? appeared first on Cyberscoop.

Continue reading Why is it so hard to sign up for the feds’ cyberthreat information sharing program?

Experts say government’s information sharing program is all take and no give

Posted on by

Information sharing among private sector companies and with the federal government suffers from a tragedy of the commons, lawmakers were told Wednesday — everyone wants to receive information about cyberthreats, but few are prepared to make the effort to give back. “To do information sharing, that takes work,” said former White House cyber official Rob Knake, testifying on behalf of the Global Resilience Institute before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection. Additional staff have to be hired, or existing ones assigned away from their regular duties, he said. Especially during the immediate aftermath of a hack, “That’s the last thing you want to do.” But it is precisely at that time that the value of sharing is greatest, he added, calling that “One of the hardest problems in information sharing — when you’re attacked, sharing information doesn’t help you, it helps everyone else. When an incident happens, what everybody wants […]

The post Experts say government’s information sharing program is all take and no give appeared first on Cyberscoop.

Continue reading Experts say government’s information sharing program is all take and no give

Watchdog: DHS prioritizing speed over context for AIS program

Posted on by

Sharing threat intelligence with the private sector at the Department of Homeland Security is hamstrung by prioritizing speed of release over adding context or other value; and because there’s no integration between classified and unclassified databases, leaving analysts with only half the picture, an agency watchdog said Monday. “Given these limitations” to DHS’s automated information sharing (AIS) program “federal and private sector partners sometimes rely on other systems or participate in other DHS information sharing programs to obtain quality cyber threat data,” finds a report from the department’s inspector general. The IG was mandated by the 2015 Cybersecurity Act to report biennially on the department’s efforts with regards to the AIS program. The Cybersecurity Act created liability protections for private sector companies that shared cyberthreat information with the federal government through DHS, and usher in a new era in which “indicators of compromise” — the tell-tale signs of a cyber-intrusion — could […]

The post Watchdog: DHS prioritizing speed over context for AIS program appeared first on Cyberscoop.

Continue reading Watchdog: DHS prioritizing speed over context for AIS program

Low-cost Drift Buoy Plies the Atlantic for Nearly a Year

Posted on by

Put a message in a bottle and toss it in the ocean, and if you’re very lucky, years later you might get a response. Drop a floating Arduino-fied buoy into the ocean and if you’ve engineered it well, it may send data back to you for even longer.

At least that’s what [Wayne] has learned since his MDBuoyProject went live with the launching of a DIY drift buoy last year. The BOM for the buoy reads like a page from the Adafruit website: Arduino Trinket, an RTC, GPS module, Iridium satellite modem, sensors, and a solar panel. Everything lives in …read more

Continue reading Low-cost Drift Buoy Plies the Atlantic for Nearly a Year

Congress is about to have a really challenging year on cybersecurity

Posted on by

It will be a banner year for cybersecurity debates in Congress — and that isn’t necessarily a good thing, says Michael Bahar, the staff director of the House Intelligence Committee. “We have kicked off the year with a lot going wrong with Russia and its hacking,” he says. While there are multiple probes in the […]

The post Congress is about to have a really challenging year on cybersecurity appeared first on Cyberscoop.

Continue reading Congress is about to have a really challenging year on cybersecurity