U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

  1. Home
  2. About Us
  3. Site Links
  4. Archived
  5. News Archive
  6. DHS Cyber Information Sharing: Ensuring Privacy in the Automated Indicator Sharing Initiative

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

DHS Cyber Information Sharing: Ensuring Privacy in the Automated Indicator Sharing Initiative

Release Date: November 18, 2015

By Dr. Andy Ozment, Assistant Secretary for Cybersecurity and Communications
and Jamie Danker, National Protection and Programs Directorate
Privacy Officer

Many cyber attacks can be identified—and prevented—by sharing information about unique attack attributes, also known as indicators. A cyber threat indicator might include unique attributes of a spearphishing e-mail, such as the subject line or sending computer; or it might be a specific piece of software known to contain malicious code.

As part of our efforts to further enhance information sharing, the Department of Homeland Security’s Automated Indicator Sharing (AIS) initiative connects participating organizations to a DHS-managed system that allows two-way sharing of cyber threat indicators—from the information sharing partner to DHS, and vice versa. AIS leverages DHS-led standards for machine-to-machine communication, providing a mechanism for DHS to rapidly share cyber threat indicators with other federal agencies and the private sector. 

The results of this effort will allow participating organizations to submit and receive actionable cyber threat indicators in near-real-time for network defense. This information sharing initiative will also help DHS build a common, shared knowledge of current threats to better protect federal networks and help the private sector protect itself. 

DHS recognizes that cybersecurity information sharing among diverse sources requires a preeminent focus on ensuring appropriate protection for individual privacy and civil liberties, so implementing necessary safeguards was a foremost consideration in designing and implementing the AIS initiative.

The Department has published its Privacy Impact Assessment (PIA) for AIS, detailing all identified privacy risks as well as the protections implemented to mitigate them. For example, the PIA notes a potential risk that Personal Identifiable Information (PII) or other sensitive information could be forwarded to DHS as part of a cyber threat indicator. To address this risk, the Department implemented robust protections to minimize the risk that PII is collected, as well as steps to ensure that, when present, PII that is not necessary to understanding the cyber threat  is quickly identified, deleted, and never shared.  

To read more about how the Department will mitigate privacy risks for AIS, visit www.dhs.gov/privacy. For more information on AIS, visit www.us-cert.gov/ais. For more on cybersecurity at DHS, visit www.dhs.gov/cyber.

Last Updated: 04/13/2021
Was this page helpful?
This page was not helpful because the content