Significant declines in participation and cyber threat information sharing through the federal Automated Indicator Sharing flagged by the Department of Homeland Security's Office of the Inspector General have prompted the Cybersecurity and Infrastructure Security Agency to commit to revitalizing the threat sharing system, reports The Record, a news site by cybersecurity firm Recorded Future.
Inadequate CISA outreach for data producer recruitment and retention has primarily led to overall AIS participation decreasing from 304 to 135 between the calendar years 2020 and 2022, while cyber threat indicator sharing dropped by 93% during the same period mainly due to a federal agency's cessation of sharing due to security concerns, according to a report from the DHS OIG, which also noted CISA's lapses in accounting for the project's funding.
Efforts to adhere to the audit's recommendations on AIS participant recruitment and retention, as well as the program's spending plans, are already underway. "The agency is independently evaluating the AIS service, including exploring alternative approaches to its automated threat intelligence and information sharing capabilities that will align with the new long-term Threat Intelligence Enterprise Services strategy while remaining in compliance with CISA's legal obligations," said a CISA spokesperson.