The Department of Homeland Security‘s U.S. Computer Emergency Readiness Team plans to implement a new approach to cybersecurity information sharing through automation, Federal News Radio reported Thursday.
Jason Miller writes that US-CERT Deputy Director Brad Nix said the agency will use the Structured Threat Information eXpression and Trusted Automated eXchange of Indicator Information technical specifications within the next few months.
Nix told the station that STIX and TAXII will work alongside existing standards to support a structured cloud-based information-sharing program.
“The idea behind the use of the cloud for the STIX/TAXII server is to enable the access to the information with the appropriate level of control so that organizations can submit information but also can retrieve information that is relevant to them,” he said.
“We want to set up an environment that is risk rated at the right level to facilitate the sharing of information, but still provides the appropriate levels of confidentiality, integrity and availability controls that would be required for an organization that actually depends on the information.”
Miller reports that DHS has been testing STIX and TAXII for the past two years.
Nix noted that the department also continues to work toward greater trust between the private and public sectors through the Cyber Information Sharing and Collaboration Program.