CISA Issues Guidance on Sharing Cyber Event Information

By | April 12, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a fact sheet on cyber threat information sharing to guide organizations reporting cyber incidents, which will help the agency mitigate current and emerging cybersecurity threats to U.S. critical infrastructure.

Following the passing of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), a rulemaking process will commence to implement statutory requirements; however, the fact sheet serves as an interim measure to guide organizations through the voluntary sharing of information about cyber-related events.

The sharing of cyber threat information is an essential part of the collective defense against cyber threats and helps to strengthen U.S. cybersecurity. The rapid sharing of threat information with CISA allows the agency to issue prompt warnings and provide assistance to other organizations and entities that could help them avoid falling victim to similar attacks. Having access to threat information can also help CISA to identify attack trends that will guide future efforts to protect the country’s critical infrastructure.

The fact sheet explains how organizations can assist and the types of activity and information that should be shared. Organizations should observe attacks, take steps to mitigate the threat, and then report the threat to CISA. CISA has requested threat information from critical infrastructure owners and operators, and federal, state, local, territorial, and tribal government partners.

CISA wants to be provided with cyber threat information related to unauthorized system access, DOS attacks that last more than 12 hours, the discovery of malicious code within systems, targeted and repeated scans of systems, repeated attempts by unauthorized individuals to access systems, ransomware attacks on critical infrastructure organizations, and email or mobile messages associated with phishing attempts or successful phishing attacks.

CISA said the information provided will help it fill critical information gaps, deploy resources, analyze trends, issue warnings, and build a common understanding of how adversaries are targeting U.S. networks and critical infrastructure sectors.

The post CISA Issues Guidance on Sharing Cyber Event Information appeared first on HIPAA Journal.