CISA's outreach strategy for its AIS program has been ineffective, leading to a significant 93% decline in shared cyber threat indicators between 2020 and 2022.
CISA's lack of outreach led to awareness issues among potential stakeholders, as one major participant only learned about AIS through their own research.
Despite completing updates for AIS to improve its functionality and user experience, CISA did not promote these enhancements, continuing the downward trend in participation.
The Office of Inspector General criticized CISA for failing to foster a culture of information sharing, which is contrary to provisions set by the Cybersecurity Information Sharing Act.
Collection
[
|
...
]