The Cybersecurity Act of 2015 and multiple cybersecurity Executive Orders on information sharing have encouraged the establishment and expansion of industry-wide information sharing and analysis organizations (such as the Financial Services Information Sharing and Analysis Center) while also attempting to foster more information sharing between private sector companies (such as critical infrastructure owners and operators) and the federal government.  How successful have these information sharing efforts been, and what steps can be taken to further enhance the cybersecurity ecosystem as a result?

Mary Ellen Callahan, Privacy and Cybersecurity Attorney
Megan Stifel, Cybersecurity Policy Director, Public Knowledge
Leonard Bailey, Special Counsel, U.S. Department of Justice

Room 402-404


Cybersecurity Information Sharing Act of 2015:


Consolidated Appropriations Act, 2016, Public Law 114-113at Division N, Title I the Cybersecurity Information Sharing Act of 2015:


Federal Materials:


Materials on the Department of Homeland Security, US-CERT, Automated Indicatory Sharing


Sharing of Cyber Threat Indicators and Defensive Measures by the Federal Government Under the Cybersecurity Information Sharing Act of 2015 (February 2016):


Privacy and Civil Liberties Final Guidelines: Cybersecurity Information Sharing Act of 2015 (June 2016):


Updated CISA FAQs, 2017(Department of Homeland Security and Department of Justice) (


Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, May 2017:


Information Sharing and Analysis Organization Standards Organization (ISAO SO) Materials:


ISAO SO publication: Introduction to Information Sharing (October 2016) : ISAO-300-1-Introduction-to-Information-Sharing-v1-01_Final.pdf


ISAO SP 4000: Protecting Consumer Privacy in Cybersecurity Information Sharing v1.0 (July 2017):

Leonard Bailey
Leonard Bailey

Special Counsel
US Department of Justice

Mary Ellen Callahan
Mary Ellen Callahan

Privacy and Cybersecurity Attorney

Megan Stifel
Megan Stifel

Cybersecurity Policy Director
Public Knowledge