Cyber threat information sharing a double-edged sword
Programs that share intelligence about cyber threats represent a great step forward; however, leaks about such information have occurred and must be stopped.
Discussions and legislation centered on requiring intelligence agencies to share information with the private sector have once again come to the forefront. The Permanent Select Committee on Intelligence on Nov. 30 approved a piece of legislation that would expand a pilot program (the name of which was not disclosed) that's focused on sharing classified and sensitive threat intelligence with defense contractors.
Cyber defense is all about intelligence. Understanding the threat environment and being warned beforehand about possible cyberattacks is the foundation of cyber defense, which has become a fundamental requirement for critical infrastructure providers.
At a defense forum held in August, then Deputy Defense Secretary William Lynn pointed out the value of sharing cyber threat intelligence, stating, “Already the pilot [program] has shown us hundreds of signatures we wouldn’t previously have seen and stopped hundreds of attempted intrusions.” Programs such as this are also being considered for critical infrastructure providers. Many critical infrastructure providers in the private sector must create internal capabilities to deal with classified information which requires much more than just getting people cleared.
All this is positive and helps to manage cyber risks; however, there is a downside. Many intelligence leaks have been traced back to insiders. Whether accidental or purposeful, these leaks are really damaging and a proactive approach must be taken to stop this growing trend. Perhaps the best approach to manage this risk is continuously keeping security in the front their minds.
When it comes to cyberattacks and acts to cyber espionage, critical infrastructure providers and defense contractors are on the front lines. The seemingly relentless barrage of the cyber hostilities they experience mandates updating intelligence about the threat environment on a near real-time basis. Programs such as this that share intelligence represent a great step forward.
NEXT STORY: DISA fund earns 'clean' status in DOD-wide audit