In order to better understand the threat landscape and improve network security, the Department of Homeland Security (DHS) intends to create an automated information sharing platform where all “cyber threat indicators” would be collected and disseminated to public and private sectors in near real-time.
Achieving this goal requires participation and trust, Alejandro Mayorkas, deputy secretary of DHS, said on Thursday during a session at Black Hat USA 2015 in Las Vegas.
Participation may be the challenging part because, Mayorkas acknowledged, a trust deficit exists between the government and the information security community, possibly brought on by the government's mass collection of data, as well as concerns over the government's ability to secure the information it receives.
“The best way to tackle the trust deficit is to build trust,” Mayorkas said, indicating that it likely will not be an “overnight process” and instead an “incremental process, but it has to start somewhere.”
And Mayorkas wants to start with those attending Black Hat, a community of folks who he said are some of the brightest minds in the world. To find a comfortable starting place for building trust, he asked the audience to begin by sharing only the cyber threat indicators that they feel comfortable sharing - and taking it from there.
“We are very mindful of privacy interests, as well as civil liberty interests,” Mayorkas said, going on to add that “anonymity is going to be the cornerstone of our information sharing sharing protocols.”
Mayorkas indicated that data sharing enhances security, and that treating cyber threat indicators as proprietary information only makes us less secure.