Today, the Department of Homeland Security (DHS) brought together participants from the public and private sectors and academia in Boston for the first Information Sharing and Analysis Organization (ISAO) Workshop. This event provided a forum to discuss potential ISAO models, requirements, and possible limitations. Feedback from this session will be compiled into a Workshop Readout Report that outlines ideas from the workshop’s participants to inform future ISAO standards and best practices. DHS will hold additional ISAO workshops this summer to solicit further feedback from the stakeholder community.
Information Sharing and Analysis Organizations address two key questions raised by the private sector:
- How can companies share information if they do not fit neatly into the sector-based structure of the existing Information Sharing and Analysis Centers (ISACs)?
- If a group of companies wants to start an information sharing organization, what model should they follow? What are the best practices for such an organization?
ISAOs will allow companies and other entities to share information with each other on a voluntary basis and to robustly participate in DHS information sharing programs even if they do not fit into an existing critical infrastructure sector.
Over the last few months, DHS has been working to accelerate its cybersecurity information sharing efforts. We have made significant progress in improving the scale, scope, and speed of information sharing and will continue to provide updates on our various initiatives.