The recent government release of information sharing guidelines reminded me of a post @taosecurity did a while back where he takes a stab at answering this question. As usual in infosec … “it depends” is the answer. Still, it’s a great read to see how things have evolved over the past year from the original White House proposal to the recently released guidelines.
In my March 20, 2013 testimony to the House Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies on “Cyber Threats from China, Russia and Iran: Protecting American Critical Infrastructure” I stated that accurate and timely threat intelligence is often unavailable. Without an effective framework for sharing information among commercial entities, and between corporate America and the government, cyber defenders are deprived of one of the most valuable resources in detecting and responding to attacks.
Subsequently, I argued that the government should promote policies that encourage sharing threat intelligence between the private sector and government and among private sector entities. Threat intelligence does not contain personal information of American citizens, and privacy can be maintained while learning about threats. Intelligence should be published in an automated, machine-consumable, standardized manner.
Today’s post pic is from DoD.mil. See ya!