{"id":31650,"date":"2017-05-04T06:00:11","date_gmt":"2017-05-03T20:00:11","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=31650"},"modified":"2017-05-03T10:49:09","modified_gmt":"2017-05-03T00:49:09","slug":"cyber-information-sharing-achieving-holy-grail-cooperation","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/","title":{"rendered":"Cyber information sharing: achieving the Holy Grail of cooperation"},"content":{"rendered":"<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-31651 size-full\" title=\"Image courtesy of Flickr user Northsky71.\" src=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg\" alt=\"Image courtesy of Flickr user Northsky71.\" width=\"640\" height=\"427\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg 640w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z-205x137.jpg 205w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z-332x221.jpg 332w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>When confronting the problems of cybersecurity, it\u2019s often noted that, regardless of time and space, we\u2019re all exposed in some way to the same active and innovative threat actors. Shared threats promote cooperation, and sharing information on cyber threats has long been acknowledged <a href=\"https:\/\/www.acsc.gov.au\/publications\/ACSC_Cyber_Security_Survey_2016.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">as an efficient way to reduce the effectiveness<\/a> of cyber threat actors. For this reason, a key initiative of Australia\u2019s <a href=\"https:\/\/cybersecuritystrategy.dpmc.gov.au\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cyber Security Strategy<\/a> is the establishment of a multilayered, public\u2013private cyber information sharing network, focused on the <a href=\"https:\/\/www.acsc.gov.au\/publications\/ACSC_Cyber_Security_Survey_2016.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Australian Cyber Security Centre<\/a> (ACSC) and new cross-sectoral <a href=\"https:\/\/www.attorneygeneral.gov.au\/Mediareleases\/Pages\/2017\/FirstQuarter\/Turnbull-government-launches-first-joint-cyber-security-centre.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">joint cyber security centres<\/a> (JCSCs) in state capitals. Cyber information sharing is not new to Australia, but this renewed focus is an opportunity to create an effective national network to share information that assists all participants to improve their security, collectively enhancing Australia\u2019s overall cybersecurity posture and capability.<\/p>\n<p>However, establishing information sharing networks isn\u2019t simple. They can be undermined by a lack of trust, inadequate funding, and poor engagement from contributors who don\u2019t share a common understanding of the vision and objectives of the organisation. In addition, public\u2013private information sharing is often held back by concerns that overclassification of information and slow sharing by government agencies reduces the value and effectiveness of information sharing. This was recently highlighted in the ACSC\u2019s <a href=\"https:\/\/www.acsc.gov.au\/publications\/ACSC_Cyber_Security_Survey_2016.pdf\" target=\"_blank\" rel=\"noopener noreferrer\"><em>2016 Cyber<\/em> <em>Security Survey<\/em><\/a>, which showed that respondents viewed information, intelligence sharing and collaboration as the least important factor in mitigating cyber risks. The survey\u2019s poor results for perceptions of the value of information sharing indicate that the foundations of trusted information sharing networks in Australia remain weak.<\/p>\n<p>As Australia embarks on a process to develop a deeper and wider national cyber information sharing network, careful consideration of the lessons learned by the US and other international partners is necessary to ensure early success and long-term sustainability. This is the focus of my \u00a0paper, <em>Cyber information sharing: lessons for Australia<\/em>, which was released today. The paper builds on a forthcoming report by ASPI\u2019s US partner the <a href=\"https:\/\/www.mitre.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">MITRE Corporation<\/a>, <em>Building a National Cyber Information-Sharing Ecosystem.<\/em><\/p>\n<p>The US has been pursuing cyber information sharing since the late 1990s, when the federal government directed the creation of <a href=\"https:\/\/fas.org\/irp\/offdocs\/pdd\/pdd-63.htm\" target=\"_blank\" rel=\"noopener noreferrer\">public\u2013private partnerships for critical infrastructure protection<\/a>. The now decades-long development of a variety of information sharing models in the US, and the greater complexity of its industrial and commercial sectors, provide a healthy catalogue of case studies and lessons for the Australian cybersecurity community as it pursues deeper information sharing mechanisms.<\/p>\n<p>MITRE has examined three US cross-sectoral, regionally based information sharing and analysis organisations: the <a href=\"https:\/\/www.acscenter.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Advanced Cyber Security Center<\/a> from Massachusetts, the <a href=\"http:\/\/www.neocyberconsortium.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Northeast Ohio CyberConsortium<\/a> from Ohio, and the <a href=\"http:\/\/nationalcyber.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">National Cyber Exchange<\/a> from Colorado. From its assessment, MITRE has devised nine questions, dubbed the <a href=\"https:\/\/www.mitre.org\/capabilities\/cybersecurity\/overview\/cybersecurity-blog\/the-gnarly-nine-how-to-make-sure-your-isao-is\" target=\"_blank\" rel=\"noopener noreferrer\">\u2018Gnarly 9\u2019<\/a>, which must be addressed to build a successful cross-sectoral cyber information sharing organisation. The nine questions can be further distilled into three pillars of a successful information sharing organisation: adequate funding, trust between participants, and a collaboratively developed strategic plan.<\/p>\n<p>Funding and a strategic plan are factors of the investment of time, money and people in the initial stages of establishment, but trust is an intangible quality that has to grow between participants. Growing trust will take time and experience of cooperation between individuals and organisations, although there are structural components that can support the growth of trusted relationships and enable effective information sharing. There are <a href=\"https:\/\/www.mitre.org\/publications\/technical-papers\/cyber-informationsharing-models-an-overview\" target=\"_blank\" rel=\"noopener noreferrer\">several possible models for information sharing ecosystems<\/a>, but the current approach of the Australian community, building on the ACSC and JCSCs, is leading towards a \u2018hub-and-spokes\u2019 model. In this model, the nature and role of the hub is particularly important in enabling the growth of effective sharing and trusted relationships.<\/p>\n<p>Building on the lessons learned from US information sharing organisations as discussed by MITRE, <em>Cyber information sharing: lessons for Australia<\/em> presents a possible model that meets the Cyber Security Strategy\u2019s call for a multilayered public\u2013private information sharing network. Based on existing sharing organisations and linkages, such as the ACSC and emerging JCSCs, this information could be provided to an independent clearing house as the hub of the national network, integrating multiple information feeds. This would make it easier to ensure that information is appropriately managed and ensure a level of anonymity for information providers, supporting the development of trust in the network necessary for participant buy-in and sustained information sharing. Further investment in automated, secure, standards-based information sharing will also be necessary to provide actionable information in real time.<\/p>\n<p>A national cyber information sharing network will be an important mechanism to enable the achievement of stronger national cyber defences and resilient networks. The development of this network will be an evolutionary process, but Australia should take heed of the lessons learned by partners in the US and elsewhere.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When confronting the problems of cybersecurity, it\u2019s often noted that, regardless of time and space, we\u2019re all exposed in some way to the same active and innovative threat actors. Shared threats promote cooperation, and sharing &#8230;<\/p>\n","protected":false},"author":364,"featured_media":31651,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[1060,391,381],"class_list":["post-31650","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-australian-cyber-security-centre","tag-cyber","tag-information-warfare"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist\" \/>\n<meta property=\"og:description\" content=\"When confronting the problems of cybersecurity, it\u2019s often noted that, regardless of time and space, we\u2019re all exposed in some way to the same active and innovative threat actors. Shared threats promote cooperation, and sharing ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2017-05-03T20:00:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-05-03T00:49:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"427\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Liam Nevill\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Liam Nevill\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg\",\"width\":640,\"height\":427,\"caption\":\"Image courtesy of Flickr user Northsky71.\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/\",\"name\":\"Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#primaryimage\"},\"datePublished\":\"2017-05-03T20:00:11+00:00\",\"dateModified\":\"2017-05-03T00:49:09+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/d81d6aff5a42bb8e53d00720fad0e936\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cyber information sharing: achieving the Holy Grail of cooperation\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/d81d6aff5a42bb8e53d00720fad0e936\",\"name\":\"Liam Nevill\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cfa81d9fb18f77771edc760e855ec75f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cfa81d9fb18f77771edc760e855ec75f?s=96&d=mm&r=g\",\"caption\":\"Liam Nevill\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/liam-nevill\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/","og_locale":"en_US","og_type":"article","og_title":"Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist","og_description":"When confronting the problems of cybersecurity, it\u2019s often noted that, regardless of time and space, we\u2019re all exposed in some way to the same active and innovative threat actors. Shared threats promote cooperation, and sharing ...","og_url":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2017-05-03T20:00:11+00:00","article_modified_time":"2017-05-03T00:49:09+00:00","og_image":[{"width":640,"height":427,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg","type":"image\/jpeg"}],"author":"Liam Nevill","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Liam Nevill","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/05\/15175658548_6ddba8eab6_z.jpg","width":640,"height":427,"caption":"Image courtesy of Flickr user Northsky71."},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/","url":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/","name":"Cyber information sharing: achieving the Holy Grail of cooperation | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#primaryimage"},"datePublished":"2017-05-03T20:00:11+00:00","dateModified":"2017-05-03T00:49:09+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/d81d6aff5a42bb8e53d00720fad0e936"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/cyber-information-sharing-achieving-holy-grail-cooperation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Cyber information sharing: achieving the Holy Grail of cooperation"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/d81d6aff5a42bb8e53d00720fad0e936","name":"Liam Nevill","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cfa81d9fb18f77771edc760e855ec75f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cfa81d9fb18f77771edc760e855ec75f?s=96&d=mm&r=g","caption":"Liam Nevill"},"url":"https:\/\/www.aspistrategist.ru\/author\/liam-nevill\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/31650"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/364"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=31650"}],"version-history":[{"count":1,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/31650\/revisions"}],"predecessor-version":[{"id":31652,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/31650\/revisions\/31652"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/31651"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=31650"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=31650"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=31650"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}