On 18 December 2015, Congress enacted the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. § 1501 et seq.) (the Act) to improve cybersecurity in the United States through enhanced sharing of cyber threat information. The Act creates a framework to facilitate and promote the voluntary sharing of cyber threat indicators (CTIs) and defensive measures (DMs) among Federal and between Federal and non-Federal entities. The Act required the Inspectors General of the “appropriate Federal entities,”
defined as the Departments of Commerce, Defense, Energy, Homeland Security, Justice, and the Treasury, and the Office of the Director of National Intelligence, in consultation with the Inspector General of the Intelligence Community, and the Council of Inspectors General on Financial Oversight, to jointly report to Congress by 18 December every two years, on the actions of the appropriate Federal entities to carry out the Act over the most recent two-year period. This report meets the biennial joint reporting requirement.
Report File
Date Issued
Submitting OIG
Office of the Inspector General of the Intelligence Community
Other Participating OIGs
Department of Commerce OIG
Department of Defense OIG
Department of Energy OIG
Department of Homeland Security OIG
Department of Justice OIG
Department of the Treasury OIG
Agencies Reviewed/Investigated
Office of the Director of National Intelligence
Report Number
AUD-2025-001
Report Description
Report Type
Other
Agency Wide
Yes
Number of Recommendations
0
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No
