The Department of Homeland Security is setting up an organizational structure that would encourage the private sector to exchange cyber threat information with the government amid the White House’s proposal for liability protection, FCW reported Wednesday.
Mark Rockwell writes that Suzanne Spaulding and Phyllis Schneck of the National Protection and Programs Directorate at DHS told the House Homeland Security Committee that the plan is to centralize the collaboration between the private and public sectors.
The National Cybersecurity and Communications Integration Center within NPPD will serve as the central portal through which information sharing and analysis organizations can voluntarily submit threat information without liability, the report said.
Jared Serbu also reported Thursday on Federal News Radio that the government continues to work on building trust with the private sector to promote information sharing as well as establishing standards for the type of information to be shared.
“There’s never been a harder time to convince companies to share with the government,” said Schneck, DHS NPPD deputy undersecretary for cybersecurity and communications and an inductee into Executive Mosaic‘s Wash100 for 2015.
“There’s also never been a more urgent time to put the indicators together so we can respond to an adversary that has an infinite appropriation and does whatever they want,” she added.
Serbu notes that ISAOs will be independent of the government and can facilitate information sharing only among members.
Schneck indicated that DHS is also exploring policies that would establish the ISAO’s role and responsibility on threat information sharing and oversight functions to ensure both privacy and response speed requirements are met, the report said.