Misconceptions hinder threat-sharing with government, DHS official says

Some of the DHS's threat-sharing programs have been more popular than others.
Rick Driggers, DHS, CISA
Rick Driggers speaks Nov. 14, 2019, at the Workforce Summit presented by FedScoop and WorkScoop. (Scoop News Group)

Misconceptions from the private sector about the risks of sharing data with the government are still a hurdle when it comes to cyberthreat exchange programs, a Department of Homeland Security official said Thursday.

“I don’t think there are any risks to [sharing cyberthreat information] with the federal government; I think that there are potentially some perceived risks,” said Rick Driggers, an official at DHS’s Cybersecurity and Information Security Agency (CISA).

“I’ve heard that there are a lot of private-sector companies that don’t necessarily want to give information to the federal government,” Driggers said at the Workforce Summit produced by FedScoop. “And I totally get that.”

Concerns from private-sector organizations about sharing data with the government include that companies could expose themselves to litigation or reveal sensitive corporate information.  That is despite a 2015 federal law that gives firms legal cover to share that data.


CISA touts its ability to be a clearinghouse of threat information, relaying declassified data to critical-infrastructure companies. Some of the agency’s threat-sharing programs have been more popular than others. The agency shares threat reports with “indicators of compromise,” or telltale signs of a strain of malware that private analysts can act upon. Officials say the close relationships they’ve built with the private sector in recent years has helped with threat-sharing.

““We have information that the private sector doesn’t have, that state and locals don’t have, that our international partners don’t have,” Driggers said. “We are also getting information from all of those partnership domains.”

With its Automated Indicator Sharing program, however, DHS has struggled to get companies to send the department data (officials say that program has grown in the last year and will be reformed.)

“The federal government doesn’t have all the answers,” Driggers said. “In a lot of ways, the private sector [is] leading in…cybersecurity. And we need to embrace…[and] support that.”

Driggers emphasized the protections that CISA has for the data that companies voluntarily share with the agency, adding that some information is exempt from being disclosed publicly under the Freedom of Information Act. He also spoke to the value of personal, informal relationships with private researchers, many of whom have government experience.


“That informal analytical exchange of information or exchange of ideas is equally important and, quite frankly, it’s a lot quicker,” Driggers said.

CISA officials are looking for new ways that they can directly communicate hacking threats to the private sector. The agency has, for example, asked lawmakers for subpoena authority to obtain contact information for companies that are vulnerable to a given cyberthreat.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts