The US Department of Homeland Security (DHS) and the US Department of Justice (DOJ) have issued joint guidance on the Cybersecurity Information Sharing Act of 2015 (CISA). The CISA, which was enacted in December 2015, includes a number of measures aimed at reinforcing public and private sector cybersecurity. The final guidance focuses on the sharing of “cyber threat indicators” and “defensive measures” which operate under the Act. Through CISA’s information-sharing initiative, the federal government has the power to gather known cyber threat indicators and defensive measures, which will then be made available to other federal agencies, select private entities and to the public, if unclassified in nature. Participating entities, including private companies, must ensure that the information they share is scrubbed of personal information or of any information identifying a specific person not directly related to a cybersecurity threat.