Information Sharing Analysis Organizations are to be formed based on sector, sub-sector or region, and overseen by a standards board.
The Department of Homeland Security is soliciting comment on ways the public and private sectors can better share information about cyber threats.
A February executive order mandated that DHS encourage the formation of so-called Information Sharing and Analysis Organizations. Members should be from both the public and private sectors and grouped by industry, region, or other common factors.
These groups are meant to be more expansive than the existing Information Sharing and Analysis Centers, mostly private sector groups that share information along sector-lines, such as financial services or energy, according to DHS.
DHS now wants comments on the formation of the new organizations, including:
- Capabilities ISAOs should be able to demonstrate, including how information can be received, analyzed, stored and shared;
- Why these organizations could be beneficial; and
- Factors that could constrain their ability to serve member organizations
DHS is seeking comments until early July.
The executive order encouraged the voluntary formation of ISAOs, made up of private companies, nonprofits, federal agencies and other groups "to share information related to cybersecurity risks and incidents and collaborate to respond in as close to real time as possible," according to the order.
The administration also recommended these groups be overseen by a nongovernmental standards organization, which would create guidelines for other ISAOs. The executive order tasks the DHS secretary with working with the standards organization on coming up with those guidelines.
(Image via voyager624/ Shutterstock.com)