The US Department of Homeland Security (DHS) and DOJ have jointly issued final guidelines and procedures governing cyber threat indicators obtained by federal entities under the Cybersecurity Information Sharing Act of 2015 (CISA).
On June 15, 2016, the US Department of Homeland Security (DHS) and DOJ jointly issued final privacy and civil liberties guidelines and final operational procedures regarding cyber threat indicators obtained by federal entities under the Cybersecurity Information Sharing Act of 2015 (CISA).
Specifically, the guidelines and procedures address, among other things:
How to share information through DHS's Automated Indicator Sharing service.
The receipt, retention, use, safeguarding, and dissemination of cyber threat indicators.
Policies and procedures related to defensive measures.
How to safeguard personal and classified/national security information.
Notification procedures.
Sanctions for failing to abide by the usage requirements in the guidelines.
Audit procedures.
Periodic review of the guidelines by the Attorney General and Secretary of Homeland Security, in coordination with:
heads of federal entities;
officers designated under the National Security Intelligence Reform Act of 2004; and