The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. has unveiled plans to revamp its threat information sharing program in the coming year, with a two-year effort aimed at enhancing collaboration with the private sector and addressing the dynamic threat landscape. The initiative involves the replacement of CISA’s decade-old Automated Indicator Sharing (AIS) program with a more modernized approach known as Threat Intelligence Enterprise Services (TIES).
The agency acknowledges that while AIS was once a novel model for global organizations, it’s time for a change to better adapt to current challenges. CISA’s Associate Director, Michael Duffy, outlined the agency’s strategic shift, emphasizing a move from focusing solely on privacy controls and addressing intelligence gaps to consolidating customer-facing cyberthreat intelligence services under the TIES initiative. The goal is to streamline threat data-sharing operations and provide more actionable data to partners.
The TIES Exchange Platform is set to synchronize information-sharing capabilities, bringing federal agencies and key stakeholders under a unified banner. This move comes after a report from the Department of Homeland Security Inspector General urged CISA to improve its cyberthreat data-sharing capabilities, expressing concerns that the AIS program did not always provide sufficient information to identify and mitigate cyber threats.
Michael Daniel, President and CEO of the Cyber Threat Alliance, noted that revamping CISA’s threat intelligence capabilities makes sense and emphasized the need to focus on making the intelligence highly actionable. CISA’s new approach aims to learn from challenges within the existing AIS system, prioritizing privacy and confidentiality while enhancing automated cyber defenses and adapting to the evolving threat landscape.
The Electricity Information Sharing and Analysis Center welcomed the initiative, foreseeing improvements in timely information sharing, collaboration, and coordination for enhanced cybersecurity across critical infrastructure sectors.
