Information Sharing in Cybersecurity

Cybersecurity offers the protection of data and information systems from outside sources. For us to efficiently combat evolving cyber threats, information sharing is unquestionably a valuable resource. When malicious attackers scoop out innovative methods to exploit vulnerabilities, many organizations are facing becoming victims of the same exploits multiple times. Albeit new cyber threat detection technologies are continually emerging and Darknet and Anonymous web-browsing have made it easier for even low-level adversaries to obtain sophisticated attack vectors and exploits to zero-day vulnerabilities. Without the registered signature of an attack, an organization's defenses, such as the firewall and Intrusion detection technologies, struggle to deter the attacks, and companies suffer significant and irreparable loss. Being aware of the new threats and being prepared plays a critical role in mitigating the risks and enhancing the business recovery process.

The Current situation in Cybersecurity

Since late 2019, the world has been facing the unprecedented effects of the COVID-19 pandemic. Governments and businesses quickly found themselves having to quickly adapt to the new "normal" of working remotely. Remote desktop protocols allowing employees to access organizations' cloud-based Information Management System are becoming a more popular approach because of their flexibility. However, it has been discovered that shared devices are becoming honeypots, which can pose a significant risk to remote working environments. In addition to this, Big data is being stored in cloud servers, creating opportunities for adversaries to steal many data from one place. Microsoft 365, which offers cloud-based services for information sharing, addresses security risk issues by strengthening their security features and rolling out security patches on the second Tuesday of each month. Information sharing enables organizations to learn about the details of an attack and assist with defending the Confidentiality, Integrity, and the Authenticity of their assets.

The Dilemma of Information sharing

Information sharing in Cybersecurity creates the scope of personal data being accidentally or intentionally included, which would breach privacy laws. In many countries, uses of facial recognition are used by the government to monitor their population. Countries like China use this type of technology to control the COVID-19 pandemic, which has spread in the country. However, privacy advocates argue this is gross negligence of privacy legislation and protest mass-surveillance by the state.

Privacy and Civil Liberties

The Data Protection Act of 2018 dictates how an individual's information is being used by an organization, government, or business. This gives added rights to individuals to decide whether they wish to share their information and how this information will be accessed or utilized. In the US, the Federal Government has a responsibility to defend the critical infrastructure and its civilians from Cyberattacks. To fulfill this obligation, it coordinates and shares information with other public and private bodies unless it contravenes civil laws.

The Advantage of Information Sharing

For Intrusion prevention purposes, it is necessary to have real-time data on a cyberattack. This enables defenders to anticipate the attackers' approach and adopt strategic measures in-time. This improves the Cybersecurity Incidence Response practices and deters the attackers. Cybersecurity professionals across the globe support information sharing as best the intelligence to handle cyberattacks.

Mitigation of Information Sharing

In 2016, in a highly publicized event, the US Federal Bureau of Investigation (FBI) had a stand-off with Apple's technology giants. The FBI wanted Apple to allow them to have backdoor access to a suspected terrorist's iPhone device. Cases like this are not uncommon. These situations happen when the need for information sharing is measured against the need to protect citizens' privacy. Lawmakers are constantly pondering on legislation that demands information sharing but is seldom addressing privacy concerns. One way to tackle this is by anonymizing the data by removing specific and sensitive information. Although this approach is useful for the analysis of cyberattack incidents, it may not be the most efficient root analysis method in specific cases. Of course, discretion is to be applied to the types of information shared across the Cybersecurity community, based on the mutual trust of practitioners.

Information Sharing Community

Organizations like the Information Technology-Information Sharing and Analysis Center (IT-ISAC) facilitate collaboration between a diverse range of companies to share intelligence, develop cyber threat and defense strategies, and enforce security policies. It has recently been reported that, during the current pandemic, there is a growing trend of organizations prioritizing Penetration Testing of their assets to measure their resilience. It is beneficial for organizations to know the latest trends of cyber threats and employ strategies accordingly.

Conclusion:

With technological advancement, increased levels of Cybersecurity incidents are being recorded. The severity and magnitude of these attacks can substantially impact a country's national security. One of the government's main objectives is to protect national security by promoting information sharing between the private and public sectors. Therefore, Info Sharing in Cyber Security is a topic of trade-off discussion. Nevertheless, holding objective discussions on Cyber laws is a positive step forward to accept the Cyber threats the world is constantly facing and, at the same time, take into consideration those privacy concerns. Security professionals need to be educated on the information they are sharing and build security policies around this. Establishing granular access controls over information sharing gateways can contribute to mitigating the risks.

References:

[1] Pala, Ali & Zhuang, Jun. (2019). Information Sharing in Cybersecurity: A Review. Decision Analysis. 16. 10.1287/deca.2018.0387.

[2] Center for Strategic & International Studies, 2015. Information Sharing for Cybersecurity. [image] Available at: https://www.youtube.com/watch?v=FjSCJvkvBmM [Accessed 27 July 2020].

[3] INSIDE CYBERSECURITY (NEWS.ANALYSIS.COMMUNITY), 2020. Info-sharing boosts telework security capabilities against cyber attacks. [online] Available at: https://insidecybersecurity.com/daily-news/it-isac-leader-info-sharing-boosts-telework-security-capabilities-against-cyber-attacks?s=em1 [Accessed 29 July 2020].

[4] Allen, A., 2015. Cybersecurity Information Sharing: What You Need to Know. [online] Available at: https://www.linkedin.com/pulse/cybersecurity-information-sharing-what-you-need-know-adrienne-allen [Accessed 30 July 2020].

[5] www.theguardian.com, 2020. The FBI and Apple are facing off over an iPhone again. What's going on?. [online] Available at: https://www.theguardian.com/us-news/2020/jan/14/fbi-apple-faceoff-iphone-florida-shooting [Accessed 31 July 2020].