Age-old problems to sharing cyber threat info remain, IG report finds | CyberScoop<\/title> <meta name=\"description\" content=\"Over-classification, a deluge of data and insufficient human and technological resources all hinder the sharing of threat data.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cyber-threat-sharing-report-odni\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Age-old problems to sharing cyber threat info remain, IG report finds\"> <meta property=\"og:description\" content=\"Over-classification, a deluge of data and insufficient human and technological resources all hinder the sharing of threat data.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cyber-threat-sharing-report-odni\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-01-08T22:00:59+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1701905043g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1704748048g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1702656561g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7dab012cdc88b5676610\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/78708\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=78708\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcyber-threat-sharing-report-odni%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcyber-threat-sharing-report-odni%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-78708 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cyber-threat-sharing-report-odni\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.365470852018\">\n<div class=\"single-article__header-content\" readability=\"30.25306122449\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> Over-classification, a deluge of data and insufficient human and technological resources all hinder the sharing of threat data. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Director of National Intelligence Avril Haines speaks about digital threats, at the Carnegie Endowment for International Peace on April 24, 2023 in Washington, DC. (Photo by Drew Angerer\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"33.534246575342\"><body readability=\"71.485850304152\"><\/p>\n<p>Over-classification, a lack of policy guidance and tensions between private sector cybersecurity firms are continuing to hamper federal government efforts to share cybersecurity threat information, according to <a href=\"https:\/\/www.oversight.gov\/sites\/default\/files\/oig-reports\/ICIG\/Joint-Report-Implementation-Cybersecurity-Information-Sharing-Act-2015AUD-2023-002Unclassified.pdf\">a report<\/a> released Friday by the U.S. intelligence community\u2019s top watch dog. <\/p>\n<p>Friday\u2019s report, released by the Office of the Inspector General of the Intelligence Community, concludes that while federal agencies have broadly improved their ability to share threat information and defensive mitigations long-standing policy and technical concerns are providing barriers to rapid information sharing. <\/p>\n<p>The IG\u2019s report examines how relevant federal agencies shared cyber threat information and defensive measures over the past two years through a framework created by the Cybersecurity Information Sharing Act of 2015. The report finds that the \u201cpolicies, procedures, and guidelines\u201d for sharing information are \u201csufficient\u201d to carry out the requirements of the legislation and noted that \u201csharing has improved\u201d in <a href=\"https:\/\/cyberscoop.com\/information-sharing-china-threat\/\">the last two years.<\/a><\/p>\n<p>However, a section on barriers to sharing information among federal entities describes a set of familiar issues \u2014 to cyber pros at least \u2014 that have long been a rallying cry for improvement, including failures to be more forthcoming in sharing threat information with private sector entities.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Officials at the Department of Homeland Security told the IG that \u201cfederal entities continue to be reluctant to share information into the public collection,\u201d the IG wrote. The officials said some entities have a preference to share \u201cexclusively\u201d within the federal government and others have policy requirements to only share with \u201ctheir relevant sector among eligible stakeholders.\u201d<\/p>\n<p>The IG also identified tensions among government agencies regarding what information is being shared. Department of Commerce officials said they were concerned that the Cybersecurity and Infrastructure Security Agency could be sharing additional information but did not explain further. Both Justice Department and Pentagon officials told the IG that some entities are hesitant to share cyber threat information because it could jeopardize ongoing operations.<\/p>\n<p>These concerns extend to the private sector. DOJ officials said that some private companies still worry that sharing information could raise legal and competitive issues, including potential anti-trust concerns. Others believe that cooperating with law enforcement could lead to negative business and regulatory consequences.<\/p>\n<p>DOJ officials told the IG that \u201cpublic perception of federal government actions in cyberspace, especially those of law enforcement agencies, is mixed.\u201d<\/p>\n<p>Meanwhile, the U.S. government continues to face obstacles in taking information that is classified in making it available in non-classified contexts.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Officials at the Commerce, Justice and Defense Departments noted that \u201ccross-domain sharing\u201d of information obtained through classified sources could not be used to mitigate potential risks on unclassified systems because agencies lacked the ability to transfer them to unclassified environments. DOJ officials, meanwhile, told the IG that they lacked the \u201cappropriate facility security clearance to receive the information.\u201d<\/p>\n<p>Another perennial issue is that over-classification makes it difficult to share cyber threat information, said officials from the DOD, Treasury officials and the Office of the Director of National Intelligence.<\/p>\n<p>Officials from DOJ, DOD and DHS all noted either a lack of funding, resources or technology like automation to process information. These resource constraints mean that the deluge of data may not be getting to the right agency or person at the right time to use.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"0.97904761904762\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds-1.jpg?w=640&ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out: christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cyber-threat-sharing-report-odni\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Age-old problems to sharing cyber threat info remain, IG report<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[623,452,1351,293,273,669,117,1352,910,439,509],"tags":[628,454,1353,299,279,671,119,1354,911,443,511],"class_list":["post-2326","post","type-post","status-publish","format-standard","hentry","category-commerce-department","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-defense-dod","category-department-of-homeland-security-dhs","category-fbi","category-federal-bureau-of-investigation-fbi","category-government","category-inspector-general","category-office-of-the-director-of-national-intelligence-odni","category-policy","category-treasury-department","tag-commerce-department","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-defense-dod","tag-department-of-homeland-security-dhs","tag-fbi","tag-federal-bureau-of-investigation-fbi","tag-government","tag-inspector-general","tag-office-of-the-director-of-national-intelligence-odni","tag-policy","tag-treasury-department"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/commerce-department\/\" rel=\"category tag\">Commerce Department<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-defense-dod\/\" rel=\"category tag\">Department of Defense (DOD)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/fbi\/\" rel=\"category tag\">FBI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/federal-bureau-of-investigation-fbi\/\" rel=\"category tag\">Federal Bureau of Investigation (FBI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/inspector-general\/\" rel=\"category tag\">Inspector general<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/office-of-the-director-of-national-intelligence-odni\/\" rel=\"category tag\">Office of the Director of National Intelligence (ODNI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/treasury-department\/\" rel=\"category tag\">Treasury Department<\/a>","tag_info":"Treasury Department","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2326"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2326\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2326,"date":"2024-01-08T22:00:59","date_gmt":"2024-01-08T22:00:59","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=78708"},"modified":"2024-01-08T22:00:59","modified_gmt":"2024-01-08T22:00:59","slug":"age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/01\/08\/age-old-problems-to-sharing-cyber-threat-info-remain-ig-report-finds\/","title":{"rendered":"Age-old problems to sharing cyber threat info remain, IG report finds"},"content":{"rendered":"