The Department of Homeland Security has issued four final guidance documents on how to facilitate voluntary sharing of cyber threat indicators and related data between the private sector and the federal government.
DHS said in a Federal Register notice posted Wednesday it teamed up with the Justice Department to develop and issue the guidance documents in compliance with the Cybersecurity Information Sharing Act of 2015 that President Barack Obama signed into law in December.
The Non-Federal Entity Sharing Guidance posted on the U.S. Computer Emergency Readiness Team’s website seeks to help private firms as well as state, tribal and local government agencies to share cyber threat data and defensive measures with federal agencies.
DOJ and DHS also issued a final document that seeks to protect civil liberties and privacy when it comes to a federal entity’s receipt, use and dissemination of cyber threat information.
The third document posted on US-CERT outlines procedures for federal agencies when it comes to sharing data on network vulnerabilities with non-federal entities, while the fourth document details processes on how federal agencies should receive information on defensive measures and threat indicators.