The executive order (EO) creating Information Sharing and Analysis Organizations (ISAOs) – to be anchored by the Department of Homeland Security (DHS) – has highlighted a debate among information security specialists, not only about the increased role of government, but about the limitations of the entire threat intelligence sharing efforts.
Is the world's premier cybersecurity apparatus finally moving in to bolster the defenses of business beleaguered by a barrage of cyberattacks? Or is Big Brother muscling in on threat intelligence sharing efforts that are better left to private industry?
Some prominent advocates of threat intelligence sharing welcome ISAOs as a way to give momentum to the privately run, industry-specific Information Sharing and Analysis Center (ISAC) efforts. Along with a raft of free and paid threat intel sharing services and a growing number of new tools to evaluate such data, ISAOs will further data sharing efforts, according to Merike Kaeo, CISO at IID, a Tacoma, Wash.- based cybersecurity firm.
“How the ISAOs will interact with ISACs and other sharing initiatives will largely depend on the evolving governance models,” Kaeo (left) says. “There is a consolidation ongoing in the industry to create more effective means of sharing data that is considered ‘classified' by the government.” She believes these efforts are all complementary and that rather than confuse the matter, they will create a better dialogue between government and private sector to enhance the overall data-sharing ecosystem.
But that ecosystem could also be disrupted by ISAOs, notes Denise Anderson, vice president of government and cross-sector programs for the Financial Services Information Sharing and Analysis Center (FS-ISAC).
“We have concerns that the established lines of communications and operations between the ISACs and the national partnership model can be diluted and rendered less effective,” she says.