Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Perhaps a more strict definition of Cyber Threat Intelligence would help. If the definition was narrowed to exclude private data, that would go a long way. But doesn't the US-CERT already do this? What information would the US-CERT like to share that they cannot currently share?


I think people thing US-CERT is more important than it actually is because of its history, which included a long stretch where it was the only incident response team anyone had heard of. But in reality, US-CERT does very, very little: it is a clearinghouse for heavily redacted vulnerability information that has usually been in the mainstream for a long time.

Did you read the definition of cyber threat information in the bill? It's here: http://intelligence.house.gov/hr-624-bill-and-amendments

If so, I'd be interested in your ideas for improving the definition.

Thank you for the thoughtful comment.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: