Additional Progress Needed to Improve Information Sharing Under the Cybersecurity Act of 2015 [open pdf - 3MB]
From the Highlights: "The 'Cybersecurity Act of 2015' requires the Department of Homeland Security to establish a capability and process for Federal entities to receive cyber threat information from non-Federal entities. The Act requires Inspectors General from the Intelligence Community and appropriate agencies to submit a joint report to Congress every 2 years on Federal Government actions to share cyber threat information. We conducted this review to evaluate CISA [Cybersecurity and Infrastructure Security Agency]'s progress meeting the Cybersecurity Act's requirements for 2019 and 2020."
Department of Homeland Security, Office of Inspector General, Report No. OIG-22-59
Office of Inspector General, Department of Homeland Security: https://www.oig.dhs.gov/