View More guides on Cyber Threat Intelligence
What is the Cyber Information Sharing and Collaboration Program (CISCP)?
- Cyber Threat Intelligence
Posted on: May 28, 2019
Cyber Information Sharing and Collaboration Program (CISCP) is an unclassified flagship information sharing program between the Department of Homeland Security (DHS) and enterprises, mostly from Critical Infrastructure sectors.
CISCP provides a platform for information exchange and establishes a community of trust between the Federal Government and the participating organizations (including Critical Infrastructure operators/owners) as well as Information Sharing and Analysis Centers (ISACs). CISCP leverages the expertise of DHS’ National Cybersecurity and Communications Integration Center (NCCIC) in cybersecurity and communications to foster this collaboration.
How does CISCP work?
All participating organizations (called the members) can share their valuable cyber-crime risk related information through analyst-to-analyst partnerships, enabling a trusted collaboration along with actionable insights. This helps in inculcating cybersecurity resilience, with an ability to proactively identify, prevent, and mitigate any cybersecurity incidents. Being a member of CISCP, organizations gain access to a complete suite of NCCIC products (like various kinds of threat bulletins and malware reports), as well as a wide range of services. The members also get access to analyst-to-analyst technical threat exchanges and analyst training events, where they can share classified and unclassified information.
How does CISCP protect the information exchange process?
The information shared during the CISCP collaboration remains very much safe. DHS uses the Protected Critical Infrastructure Information (PCII) Program to protect all the information that is voluntarily shared with the Federal Government for homeland security. The PCII Program provides protection and confidence to the members that the federal government will not expose proprietary or sensitive data shared through this program. The information shared via this program also adheres to the Traffic Light Protocol (TLP), Freedom of Information Act (FOIA) and Cybersecurity Information Sharing Act (CISA).
How to become a CISCP member?
To become a CISCP member, prospective organizations, such as organizations that are part of Information Sharing and Analysis Centers (ISACs), or organizations dealing with Critical Infrastructure, or the Critical Infrastructure and Key Resources (CIKR) operators, need to sign a Cooperative Research and Development Agreement (CRADA). After signing CRADA, members get access to DHS’s NCCIC watch floor and permissions up to the TS/SCI level. Within the CISCP program, industry and government partners contribute threat data by adding to the volume of information presently available for analysis by the DHS CISCP analytical team.
What are the benefits of the CISCP?
CISCP aims to foster collaboration of operators and owners by leveraging the expertise of DHS’ National Cybersecurity and Communications Integration Center (NCCIC) in cybersecurity and communications. This collaboration between DHS’s NCCIC and their members can help in assessing cyber-related vulnerabilities, threats, and consequences. This can help them stay informed about the latest incidents in cybersecurity, and enable them to prepare for, prevent, and respond to any catastrophic cyber incidents.