Information sharing doesn’t have to run along industry lines. At Wisegate, information is shared among IT security professionals from many different types of companies.
“The old information-sharing model of relying on an ‘expert’ to aggregate and disseminate information doesn’t match the pace today of cybersecurity challenges,” says Sara Gates, founder and CEO of Wisegate, which helps security professionals collaborate on security issues using crowdsourced IT research. “The timeframe we have to react and respond won’t work” with this model. Gates says peer information sharing takes advantage of the speed of information -- from issue to discussion to solution.
Members pose questions on their latest security issues to Wisegate, and the firm uses a matching algorithm to identify the most pressing issues. Within 48 hours, the firm holds live roundtable discussions with interested members, whose identities and companies have been vetted, but remain anonymous in discussions. More importantly, “members can go back to their management and say ‘this is what our peer group is doing,’” she adds.
Too much information?
With dozens of information-sharing organizations popping up – along with private sector vendors, open source, and government entities that disseminate cyber threat information – finding the most accurate, targeted information could get more difficult.
“If you’ve got 20 people feeding you threat intel and some of it conflicts, how do you make a choice?” says Hugh Thompson, program committee chair and advisory board member to RSA Conference, which brings together thousands of IT professionals annually to discuss information security.
Many of the topics being batted around for the 2016 conference focus on the new challenges of information sharing. The 2014 conference focused on encouraging companies to share information, Thompson says. By 2015, topics moved to the mechanics of sharing, such as industry standards for capturing a threat, codifying it and writing it in XML.
“This coming year, folks are getting down to the most mature questions. What, at the end of the day, is our policy for sharing information? When is it a good idea for us to share it? That has all kinds of interesting complications -- most of it being legal. Is it OK to talk about this vulnerability? Will it expose a third party? Will it alert an attacker to an ongoing investigation? Will it open us up to liability by our customers?” Thompson says.