Cybersecurity and the Need for Information Sharing

The U.S. Congress is having another one of its less-than-fine hours on the matter ofcybersecurity。尽管对政治频谱和商界的共识支持，但是，白色房屋和警报的劝告响起政府和私营部门的战争，反对恶意攻击的无情的冲击，旨在更有效地颁布给威胁情报的法律。

The objective of several proposals is to encourage collaboration, as implied by the name of one Senate bill, the Cybersecurity Information Sharing Act of 2015. The principle is embodied in the Protecting Cyber Networks Act that passed the House in April by 307-116.

Cooperation toward a common goodwould seem inherently uncontroversial; 94 percent had a favorable view of public-private information sharing in asurveyreleased in May by San Mateo, California–based BrightPoint Security. Corporate interests say codification is necessary to protect them from liability that they may incur under existing laws that restrict disclosures, or as a result of disseminating information in good faith that turns out to be inaccurate.

Washington analysts might say that the legislation ran up against conflicting priorities — Senate Republicans were rebuffed in a June attempt to attach the Cybersecurity Information Sharing Act to the National Defense Authorization Act — or the persuasiveness of a few dissenting voices objecting to some surveillance provisions.

此类私人可能会掩盖某些现场现实。事实是，信息共享既不是未知也不是未经证实的，而且它不再是任何其他网络安全措施的银弹。它甚至具有常见的漏洞：可以被黑客分享的任何共享。

“It is worth emphasizing that information sharing is not a panacea” but rather “the low-hanging fruit of greater protection,” research associateDavid Inserra and visiting fellow Paul Rosenzweig wrotein an April 2014 Heritage Foundation背景。

U.S.已经向信息共享和分析中心（ISAC）显示了方式。旧约，弗吉尼亚州为基础Financial Services Information Sharing and Analysis Center(FS-ISAC), formed in 1999 following a presidential directive on critical infrastructure protection, has grown into a global network of 5,500 members continuously exchanging and acting upon threat and incident reports. FS-ISAC is one of about 20 such bodies that are members of the 12-year-oldNational Council of ISACs。

At the federal level, President Obama has issued executive orders and taken to the bully pulpit to rally support for comprehensive cybersecurity responses, including information sharing. “There’s only one way to defend America from these cyberthreats, and that is through government and industry working together, sharing appropriate information as true partners,”奥巴马在2月13日演讲时说at Stanford University.

2014财年的国土安全国家网络安全和通信整合中心“收到了私营和政府部门的97,000多个网络事件报告，并发布了近12,000个网络警报或警告，”DHS秘书Jeh Johnson报道in an April 21 speechto an information security convention.

If sharing on that scale is not enough, then what is missing?

The next wave of solutions may in fact be technological. Information and notifications alone have limitations — as do overtaxed security staffs. The data has to be “operationalized” and “actionable,” and outside of the defense and IT industries and a few members of the banking and corporate elite, those capabilities are immature at best, observes Mark McArdle, chief technology officer of Canada-basedeSentire, which specializes in threat protection for midsize firms.

One自动智力收集and monitoring platform is Soltra Edge, provided by ajoint ventureformed last year by FS-ISAC and New York–based Depository Trust & Clearing Corp. Whereas that offering grew out of the finance industry, a Washington-area start-up,ThreatQuotient, is “operationalizing threat intelligence” based on the defense industry experience of co-founders Wayne Chiang and Ryan Trost. Coming out of Silicon Valley areAlienVault众群开放威胁交流和Norse’s real-time, “machine-readable” threat intelligence.

Three-year-old亮点, with former Lehman Brothers chief security officer Rich Reybok serving as chief technology officer, overcomes legal concerns in its actionable threat intelligence by anonymizing shared information and making private details unattributable.

BrightPoint总裁兼首席执行官Anne Bonaparte表示，“等待立法过程解决业务问题”通常不明智，这些技术显然比政府更快地播出。尽管如此，她仍然有利于分享法，因为“它是对信息的放大。”