Cybersecurity Risk Information Sharing Program

Overview
The DOE's Cybersecurity Risk Information Sharing Program (CRISP) is a unique public-private sector partnership that combines, 1) high fidelity (private sector) sensor devices, 2) government enrichment and analysis of the cyber threat (integrating Intelligence Community resources and analysis with the parallel generation of both classified and tear line information), 3) automated generation of machine consumable CTIs and DMs (leveraging Structured Threat Information Expression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII)), with 4) a robust data sharing matrix that addresses the policy side of information sharing.

Source

 * Encryption and Evolving Technology: Implications for U.S. Law Enforcement Investigations, at 10.