Today the Department of Homeland Security published a
guidance notice in the Federal Register (81 FR
8214) providing a link to their Automated
Information Sharing (AIS) web site. This web site provides the interim
guidance on the sharing of information about cyber threat indicators between
the Federal Government and the private sector required under §103 and §105 of the Cybersecurity
Information Sharing Act (CISA) of 2015 that was passed as Division N of the Consolidated
Appropriations Act, 2016 (PL 114-113, not yet published).
The AIS web site contains links to four guidance documents:
The site also contains a link to the on-line form that
allows submission of information on threat indicators to the automated
information sharing system.
A quick review of these complex documents did not show
anything specific to the sharing of information about sharing information about
cyber threat indicators specifically related to industrial control systems. Section
102(9)(B) of CISA Act of 2015 did, however, specifically include in the
definition of information system “industrial control systems, such as supervisory
control and data acquisition systems, distributed control systems, and
programmable logic controllers”.
I’ll probably have a more detailed look at these documents
in a later blog post.
Posts
No comments:
Post a Comment