Recently, President Obama signed an executive order at a Silicon Valley cybersummit that brought more focus to the goal of threat information-sharing. It specifically references “owners and operators of critical infrastructure, relevant agencies, and other public- and private-sector stakeholders,” encouraging the establishment of Information Sharing and Analysis Organizations (ISAOs). These ISAOs “may be organized on the basis of sector, subsector, region or any other affinity,” including a shared threat. So while expanding the scope of sharing, it also improves the ability for threat sharing to occur across all stakeholders, including state and local governments.
The administration launched another new initiative to improve its own sharing. A creature of the intelligence community, the Cyber Threat Intelligence Integration Center will make sure structures within Homeland Security and at U.S. Cyber Command have intelligence-generated threat information for a complete picture. Michael Daniel, White House cybersecurity coordinator, says this is the government getting its wiring straight. More fundamentally, the feds are hoping to foster a framework of trust in which both public- and private-sector entities will want to share information in the hopes of mitigating cyberthreats.
This is not strictly a federal thing. For those in state and local government, this development should be embraced. An administration proposal “to codify mechanisms for enabling cybersecurity information sharing between private and government entities, as well as among private entities, to better protect information systems and more effectively respond to cybersecurity incidents” will enable more productive sharing and communication among state and local governments.
For more information: http://www.govtech.com/opinion/The-Government-Doubles-Down-on-Cybersecurity-Leadership.html