Overview[]
The Automated Indicator Sharing (AIS) initiative is a capability that the Department of Homeland Security has developed to enable the timely exchange of cyber threat indicators among the federal departments and agencies and the private sector and other non-federal entities. This capability supports federal departments and agencies and the private sector and other non-federal entities in addressing cyber threats to public health and safety, national security, and economic security while ensuring appropriate privacy, civil liberties, and other compliance protections.
The goal of the AIS initiative is to achieve real-time sharing of cyber threat indicators by enabling DHS's National Cybersecurity and Communications Integration Center (NCCIC) to (1) receive indicators from the private sector and other non-federal entities; (2) remove unnecessary personally identifiable information; and (3) disseminate the indicators, as appropriate, to other federal departments and agencies and the private sector and other non-federal entities.
By design, the initiative:
- Performs a series of automated analyses and technical mitigations to ensure that personally identifiable information (PII) that is not directly related to a cybersecurity threat is removed before any information is shared;
- Incorporates limited elements of human review to ensure such information is removed in cases where automated mitigations are not feasible;
- Anonymizes the identity of the submitter of the information, unless the submitter has consented to sharing its identity;
- Minimizes the amount of data collected to what is directly related to a cyber threat;
- Retains information for a limited amount of time, consistent with the need to address cyber threats; and
- Ensures any information collected] is explicitly used for authorized governmental purposes.
External resources[]
- Automated Indicator Sharing Privacy Impact Assessment (full-text).