Page 19 - 2016
P. 19
The current approach to cyber security by which anonymity can help to address liability, while data
organizations rely on internal resources and capabilities to ownership techniques can help to minimize exposure risks.
defend themselves is not working. The main reason:
attackers, notably criminal gangs and nation states, are
better organized than businesses and government agencies, “Regulatory mandates and
and are usually a few steps ahead of the best defenses. privacy laws are another
significant factor that
To level the playing-field with the bad guys, we need to
drastically re-think and re-formulate the current approach prevents organizations from
to security by implementing inter-company collaboration. sharing information”
We need a model for collaboration that goes beyond simply
sending/receiving security intelligence. The model must Regulatory mandates and privacy laws are another
provide a framework for delivering information to significant factor that prevents organizations from sharing
organizations at risk from specific threats. The framework information. In some cases, attempting to share a piece of
should automatically control the flow of collaboration to intelligence will be met with a wall of silence from a peer
prevent participants from violating privacy laws and who cannot respond without violating compliance rules.
regulatory mandates, while enforcing the internal policies
of each participant. Finally, fear is a main obstacle to sharing threat intelligence
data fear of releasing the wrong data, fear of delivering
Widespread Adoption of Sharing sensitive information to the wrong company or person,
A 2015 report on security collaboration by Enterprise and fear of overexposure.
Strategy Group (ESG) found that 45 percent of U.S.
enterprises share threat intelligence data with other Know Your Data before Sharing
companies on occasion, and that 37 percent share such data Security collaboration is not a one-size-fits-all proposition.
regularly. The report also found that many companies want Some data should be shared as widely as possible with the
to start sharing data. community, while other data should be shared in a
controlled manner.
75 percent of organizations see such sharing as a top
priority, according to Forrester Research. Individual sharing may start in one form (i.e. controlled)
and shift to another (i.e. community wide) as the event or
The U.S. government directive, the Cyber Information threat is better understood.
Sharing Act (CISA), was enacted to encourage the sharing
of cyber security intelligence between U.S. government To share information safely, first Know Your Data (KYD).
agencies and the private sector. The four tenets of KYD are:
Roadblocks to Sharing What data do you have
While most security experts are willing to share security Where is your data
information with trusted peers, many organizations are still Where does your data go
hesitant to establish formal collaborations with other Who does it go to
companies and/or with the government. Embracing
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 19
