The Department of Homeland Security (DHS) is recommending a change in the way victims report cyberattacks. They suggest creating a single portal for reporting instead of the current process where multiple agencies are involved as the primary point of contact.
A new report from a DHS task force detailed these changes to the cyber incident reporting process and presented them to Congress.
Homeland Security Secretary Alejandro Mayorkas said that these recommendations are meant to assist the government’s understanding of digital attacks and aid victims.
“In the critical period immediately following a cyberattack, our private sector partners need clear, consistent information-sharing guidelines to help us quickly mitigate the adverse impacts,” Mr. Mayorkas said in a statement.
The report argues that the single-portal reporting process and other changes are necessary to prevent federal bureaucracy from further harming those who suffer from dangerous cyber attacks.
“Many agencies have invested in their own incident reporting portal, or are still using email or phone systems to report incidents,” the report stated.
The different approaches to responding and recovering from cyber attacks not only create problems for federal officials but also for victims who are working to recover, according to Robert Silvers, the Department of Homeland Security’s undersecretary for policy.
“Federal agencies should be able to receive the information they need without creating duplicative burdens on victim companies that need to focus on responding to incidents and taking care of their customers,” Mr. Silvers said in a statement.
Other recommendations in the report include defining which cyber problems need reporting and establishing a timeline for disclosing information.
“These recommendations can improve our understanding of the cyber threat landscape, help victims recover from disruptions, and prevent future attacks,” Mr. Mayorkas said.
Among the reasons why these solutions haven’t been implemented yet are procedural and funding issues surrounding the rules for making such changes and obtaining the necessary resources, according to the report.
