Cybersecurity Sharing: The Latest Fad or a Real Security Breakthrough?

    Slide Show

    Top 10 Tips for Educating Employees About Cybersecurity

    It seems that cybersecurity data sharing is all the rage these days. Just today, I read an article about the creation of the Cyber Threat Intelligence Integration Center, an Obama administration initiative meant to encourage the flow of cybersecurity-related data between government agencies and private businesses. I also read about Facebook’s new platform for cybersecurity professionals to share information more easily.

    It seems so logical, doesn’t it? Security professionals have been sharing information about new malware and vulnerabilities for a long time, so it is nice to see a true outlet available that could open up threat sharing to security administrators across industries. Government agencies and private industry should be working together as a united front to better address the evolving threats facing our networks and data. This isn’t like sharing industry trade secrets; we’re all in the same boat when it comes to cybersecurity.

    Of course, sharing wasn’t always popular. When Congress first began to talk about the Cyber Intelligence Sharing and Protection Act (CISPA), there was a lot of resistance because of fears that it would hurt privacy, particularly with the government sticking its nose into the private sector. It’s why CISPA didn’t have a prayer of passing for a long time.

    But that attitude came before Target, Home Depot, Sony, Anthem, and a host of other breaches were making the news every evening. And before the average person began to sincerely care about cybersecurity and needing someone to protect their personal information from being sold on the black market.

    Login Security

    On the surface, cybersecurity threat sharing appears to be a good thing – the more we know, the better we are able to address the problems. But not everyone is convinced that cybersecurity sharing is the real-deal breakthrough at addressing threats. According to TechWire, former White House Cybersecurity Coordinator Melissa Hathaway was cited as believing the new government agency is redundant and will do little more than create even more bureaucracy. And Stephen Cobb, senior security researcher at security firm ESET, wondered in an email to me whether getting intelligence about cybersecurity threats more quickly will actually make a difference, adding:

    Unless the stated goal is to identify bad actors more swiftly, and sanction them with greater precision and immediacy, we’re not going to deter the kind of attacks that provoked this new initiative.

    So will cybersecurity sharing actually work, or is it a fad that sounds good but will fade away when the next big attack happens?

    Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba

    Sue Poremba
    Sue Poremba
    Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles