Debate: Cybersecurity information sharing allows network defenders to stay ahead of adversaries.
Rick Howard, CSO, Palo Alto Networks
Cybersecurity information sharing is the secret sauce that will allow network defenders to stay ahead of the advanced adversary. Just because it is hard to do does not mean that we should not pursue it. Adversaries are notorious for occupying underground forums for the purpose of, among other things, sharing ideas about what is working and what is not. It behooves network defenders to leverage that same kind of crowdsourcing for their own threat prevention missions. We can point to success stories like the FS-ISAC and the DSIE for leading the way to evolve the concept in terms of standards and operational efficiency. It needs to be better and organizations like the Cyber Threat Alliance are looking to scale information sharing for the masses by tracking some 5,000 campaigns in real time and automatically distributing prevention controls to the deployed customer base. The information sharing community has obstacles to overcome, for sure, but they are not insurmountable. The benefits far outweigh the negatives.
Chris Drake, CEO, Armor
At this time – I'm not a believer that cybersecurity information sharing will move the needle in getting ahead of cyber threats. Benjamin Franklin nailed it, “Well done is better than well said.” We have a major crisis going on with cybersecurity and information sharing is not one of them – it is action, and having trained security professionals to protect our critical cyber territory. You cannot win wars with satellites that gather intelligence – you must have boots on the ground with a strategy to use that intelligence to out maneuver the threat. Information sharing is a satellite view of cybersecurity and we are grossly short of professionals who can strategize, implement, monitor, and refine cybersecurity across their organization. We should also shine light on the fact that the root cause of most breaches is flaws in the software and hardware used to deliver cyberspace. Until we refocus computer science and engineering degrees to REQUIRE a security foundation, like we do for civil engineers who build bridges, we won't win the cyberwar.