Iid infoshare exec_summary final
Upcoming SlideShare
Loading in...5

Iid infoshare exec_summary final



IID examines the current state of cybersecurity intelligence sharing as well as its roadblocks and how they can be overcome. This includes viewpoints from leaders in the field of cybersecurity, ...

IID examines the current state of cybersecurity intelligence sharing as well as its roadblocks and how they can be overcome. This includes viewpoints from leaders in the field of cybersecurity, representing a diverse cross-section of businesses and government agencies like Microsoft, Georgetown University and the City of Seattle.



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Iid infoshare exec_summary final Iid infoshare exec_summary final Presentation Transcript

  • Sharing the Wealth, and the Burdens, of Threat Intelligence Why security experts must unite against cyberattacks, and what’s stopping them from collaborating more effectively. White Paper: Exec Summary
  • New era of collaboration Cybercrime evolves quickly, strikes often Good guys lack organized, automated and scalable ways to share intel Major business, government and education players working to make sharing work more effectively “Information sharing is still overly predicated on four dudes in a room…talking about what happened last month.” City of Seattle 2
  • Three stages of collaboration 1. Proactive measures −  Internet hygiene recommendations −  Suspicious phishing/malware IP addresses −  Software vulnerability/patch updates 2. Incident response −  Crisis management −  Threat mitigation 3. Post-attack inquiries −  Work with authorities to investigate and prosecute “The bulk of the investment moving forward should be in preventative.” Microsoft 3 “If we invested one tenth of what we invest in cyber- security into old fashioned police work, we’d actually have a better return on investment.” Georgetown University
  • Obstacle #1 Manual, disparate technologies and standards −  Slow manual processes −  Nothing automated or scalable −  Need standards, procedures, data formats and reports −  “The bad guys move fast…so the data needs to move extremely fast.” Microsoft 4
  • Obstacle #2 Trust issues −  Who to trust? •  Competitors •  Regulators −  Need to define with whom, how, when and how much to share “Collaboration is great, but collaboration without trust doesn’t get very far.” IID 5
  • Obstacle #3 Liability of sharing −  Sharing too much or wrong information? •  Limits needed •  Fast remedial procedures −  Legal indemnification to prevent blowback from over-sharing “There are a lot of stakes involved in balancing between maintaining the privacy of individual users and still being able to share certain information on security incidents so others can protect themselves.” Forum for Incident Response and Security Teams 6
  • Obstacle #4 Lack of resources, incentive −  Overburdened, understaffed •  Sharing intel not a priority •  Often caught unaware −  Collaboration is single most effective way •  Largest companies already sharing −  CEOs recommend private/government sharing as vital to cybersecurity “Please come up with some incentives that will especially get local governments to adopt these frameworks because otherwise they’re not going to do it and the impact is…probably loss of life.” City of Seattle 7
  • Conclusion Corporations, organizations and agencies working toward advances in cybersecurity intel sharing Leaders setting standards and creating solutions Can we work faster than the criminals? A major attack could shut down the Internet, or worse Read the white paper at http://internetidentity.com/white-papers/