The Department of Homeland Security (DHS) on Tuesday released interim guidelines for how the government will protect and share data gathered under a new major cybersecurity law.
It’s the first of several steps meant to assuage fears that the Cybersecurity Act of 2015 — which encourages companies to share hacking threat information with the government — will simply shuttle more personal data on Americans to intelligence agencies.
“We know many cyber intrusions can be prevented if we share cyber threat indicators,” said DHS Secretary Jeh Johnson in a statement.
Congress passed the Cybersecurity Act in December, with Obama signing the bill just before the new year.
Supporters — including most lawmakers and many industry groups — said the measure was necessary to help both government and businesses better understand and combat hackers.
In his statement, Johnson argued that the public and private sector could benefit from swapping information such as “the subject line of a spear phishing email, or the IP address of the computer from which it originated.”
“Sharing this kind of information in real-time, and swiftly applying defensive measures, will allow both the government and private sector to more effectively prevent attacks,” he added.