The Cybersecurity and Infrastructure Security Agency (CISA) addressed the basic information-sharing requirements of the Cybersecurity Act of 2015. In calendar years 2021 and 2022, CISA updated its guidance, properly classified cyber threat indicators (CTI) and defensive measures, and accurately accounted for security clearances to address the basic information-sharing requirements of the Act. In March 2022, CISA completed upgrades to its Automated Indicator Sharing (AIS) 2.0 capability to address information-sharing limitations.
Date Issued
Submitting OIG
Department of Homeland Security OIG
Other Participating OIGs
Department of Homeland Security OIG
Agencies Reviewed/Investigated
Department of Homeland Security
Report Number
OIG-24-60
Report Description
Report Type
Audit
Agency Wide
Yes
Number of Recommendations
2
Questioned Costs
$0
Funds for Better Use
$0
Open Recommendations
This report has 1 open recommendations.
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1 | No | $0 | $0 | ||
We recommend that the Director of CISA develop and implement a strategy and performance metrics to actively recruit and retain Automated Indicator Sharing participants, including Federal data producers. |