TSA, Cybersecurity Information Sharing
Carnegie Mellon University, Fall 2021
Problem Statement
Find a streamlined way for TSA to prioritize cybersecurity information to inform industry partners and prevent cybersecurity incidents promptly.
Problem Scoping and Discovery
The team conducted 37 informational interviews and found that the current cybersecurity alert dissemination process within the TSAs Policy, Plans, & Engagement (PP&E) Section is manual, subjective, and repetitive. The current process involves a manual review of numerous agency alerts that delays communication with stakeholders, provides partners with no categorization of alert criticality, and offers no confirmation that the alert has been received.
Outcome
The team recommended 2 solutions:
The two platforms (CSAP, and CTIX offered by Cyware Labs.) that combine threat intelligence collection, multi-delivery alerting, community feedback, accountability, and advanced automation capabilities providing a comprehensive information sharing mechanism between TSA member organizations.
scoutPRIME is a vulnerability identification platform that allows members to monitor the attack surface of an organization, manage and mitigate cyber risk.
Results
The team is working with the problem sponsor to incorporate this solution into current TSA practices.