Cyber Threat Information Sharing

Cybersecurity Public-Private Partnership

It is pretty clear that the public-private partnership is a key element in the foundation of effective critical infrastructure protection and other national resilience strategies.  The public-private partnership enables private sector entities to build their own capacity through data-sharing with the Government.

This enables the sharing of accurate, relevant, and timely multi-directional sources of related information.  The goal is eventually this strategy helps companies to enhance their ‘cyber resilience.’ Truth is, the Government can’t protect them.

Executive Order 13691

The launch of the new Information Sharing and Analysis Organization (ISAO) model in 2015 (E.O. 13691), was constructed purely on the tenets of 2013 Executive Order 13636.  E.O. 13636, officially known as the Improving Critical Infrastructure Cybersecurity, along with the Presidential Policy Directive (PPD) 21, which is usually referred to as the Critical Infrastructure Security and Resilience, were fundamental to cyber cooperation.

To ensure that relevant and actionable information is shared, the Department of Homeland Security (DHS) uses the public-private partnership approach that creates and enhances data flows in manners that are consistent with the law, regulations, and policy. They also protect privacy, civil rights and liberties, data sources, and of course data recipients.  The goal here is to connect with a developing constellation of ISAOs across the nation.

The government was under the belief that a growing number of organizations wanted to share information with them.  However, to this day, no one knows whether most companies wanted the information from the government or really had an interest in sharing the data.  Most of these companies are continuously positioning for corporate gain. So, it is no surprise they are in receive mode and rarely share back information to the Government.  Companies had previously asked for help in developing ISAOs. However, since the E.O. few have stepped up to form as ISAO. They don’t see the value.

Lack of Standards

There was a need to develop a standard organization to work with the government, the private sector, and the academia.  To this date, no standards have been set – although there have been a plethora of impeccable practices delivered. A lot of companies do not want standards because they fear that these standards would be turned into regulations.  This concern makes national cybersecurity a grave challenge and gives the impression that the experts working together for resilience have made security political.

The partnership is imperative especially important when it comes to cybersecurity.  This is the case because the partnership allows all entities, whether belonging to the public or private sector, to accomplish various responsibilities of which they may excel.  These responsibilities are shared include working on security programs, conducting research and development, and completing other tasks in a cost-effective and efficient manner. In collaborative environments, everybody wins with reduced costs and greater output.

Also, the exchange of information between partners is essential to the prevention, detection, and effective response to any and all cyber incidents. Infrastructure owners and operators, communication and information technology (IT) network workers, security service providers, law enforcement personnel, as well as intelligence organizations, share information that aids in the discovery of cyber intrusion and attack.

Thus, establishing a common operational picture accessible to both public and private entities is essential.  They accomplish this objective by aggregating and analyzing the information distributed among trusted partners.  Cooperation also facilitates protective actions, mitigation efforts, and coordination necessary for a well-organized and impactful response to cyber and communication threats and incidents.  However, the private sector has trust issues, and in some cases, so does the government. So, we move along together letting the hackers develop effective partnerships and new capabilities.