SecureWorld News

Strengthening Cyber Incident Information Collection and Sharing in the U.S.

Written by Kristin Judge | Thu | Apr 15, 2021 | 10:45 AM Z

Americans reported $4.2 billion in total fraud losses to the FBI Internet Crime Complaint Center (IC3) in 2020. However, experts estimate that only a fraction of cyber incidents are actually reported, hardly giving us a glimpse at the enormity of the problem.

Cybercrime Support Network's (CSN) mission is to serve individuals and small businesses impacted by cybercrime, and, to do so, we need to better understand the immensity of the issue through stronger incident information collection, sharing, and trend reporting.

In October 2020, we received a $625,000 renewal of a cooperative agreement with the Cybersecurity and Infrastructure Security Agency (CISA) to continue the development of a State, Local, Tribal, and Territorial (SLTT) Reporting and Threat Information Sharing Pilot Project. In addition, CISA awarded CSN a cooperative agreement in the amount of $625,000 to develop an SLTT National Information Exchange Model (NIEM) Cyber Pilot.

The renewal of the SLTT Information Sharing Pilot Project has allowed us to build upon the prototypes, processes, and systems designed and developed in 2020 to better collect and share threats with SLTT agencies, improve prevention efforts, and help individuals and small businesses to improve the cybersecurity of the nation.

The Cyber Resource Catalog was launched and includes over 1,000 searchable, online resources available for individuals and small businesses impacted by a cyber issue to assist in response, reporting, and security reinforcement after a cyber incident occurs. We will continue to add content and improve functionality of the Cyber Resource Catalog through 2021.

The NIEM-related Cooperative Agreement will help establish the use of common language for cyber incidents reported to SLTT agencies. Through the development of a NIEM Cyber Domain, CISA is promoting a common vocabulary which will allow for the efficient exchange of information among public and private agencies. A common vocabulary for cyber threats is important to ensure that when one person says "event" and another says "incident," for example, our computers automatically know they mean the same thing. CSN's work will apply the NIEM Cyber Domain to SLTT agencies, helping agencies to share cyber incident information and incorporating the cyber and physical sectors to ensure a holistic government response.

For more information about CSN or these cooperative agreements, visit CybercrimeSupport.org or contact CSN at info@cybercrimesupport.org.