Information Sharing: Not a Panacea

Late last year, the text of the Cybersecurity Information Sharing Act (CISA) found its way into a consolidated spending bill and was signed into law by President Barack Obama on December 18, 2015.  CISA is designed to “improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.”  The law allows for the sharing of various types of digital information between U.S. government agencies and private sector organizations. 

What’s so great about threat intelligence sharing? The basic assumption is that organizations like federal intelligence (i.e. CIA, NSA, DoD, etc.) and law enforcement agencies (i.e. FBI, Secret Service, etc.) regularly collect threat intelligence about the tactics, techniques, and procedures (TTPs) used by cyber-adversaries that is classified and unique.  Alternatively, private organizations face a constant barrage of targeted cyber-attacks that the Feds don’t see.  By regularly sharing threat intelligence, public and private sector organizations can gain additional insight that may help them mitigate risk, detect an attack, or remediate ongoing problems.