What's the best defense against cybercrime? Surprisingly, it might be a big mouth.
Sharing information about threats and risks is quickly becoming the expected starting point for any credible defense. And as proof, you need look no further than recent examples in the public, private and non-profit sectors.
Think of what's happened in just the past few days. Congress has moved forward legislation that would encourage information-sharing in the financial sector. The retail industry has introduced a portal for this same purpose. And a security company has introduced a new product that uses shared information as its base.
It is quite the turnaround from a few years ago, when such information was carefully hoarded. Back then, if an attack occurred, word of it was only reluctantly shared with customers and competitors.
The New Black
Sharing threat intelligence has become the new black in online security. And for good reason.
It is, according to Robert Siciliano, online safety expert for Intel Security, one of the more significant advances in crime fighting.
"There are numerous behind the scenes technologies that identify devices, IP address, origins and methods of attack," he told CMSWire. "By sharing all this intelligence, a company who has been breached can tell another who hasn't what to look out for."
Perhaps more importantly, he added, they can communicate what they feel they have done right.
"There's a lot to be said for getting inside information into the workings of a crime syndicate. In this case, information is power and more security," Siciliano said.
This week the Retail Cyber Intelligence Sharing Center unveiled an intelligence-sharing portal that will be managed by the Financial Services Information Sharing and Analysis Center. It's expected to be up and running within the next 30 days.
Its mission is to enhance "the capabilities retailers currently use to share vital cybersecurity intelligence information within the community" that it receives from partners, government agencies and law enforcement.
The portal is one of several tools the non-profit offers the retail sector, R-CISC Executive Director Brian Engle told CMSWire.
The expectation is that the portal could at best prevent an attack, and if not, mitigate the effect of one that does occur by preventing it from spreading further, he said.
"You may not be able to prevent a Zero Day attack but you can let others be aware of that vulnerability when it does become apparent," he added.
A Security Offering
There are other variations of this information-sharing theme.
Take Kount, a provider of fraud detection and sales technology, and Ethoca, for example. The latter is a provider of collaboration-based technology designed to help card issuers and online merchants stop e-commerce fraud.
The two are offering a new service in which every day, card issuers and credit unions send confirmed fraud and customer dispute data to Ethoca, which then sends this data to merchants via hourly alerts.
Merchants would normally have to wait three to six weeks to receive this information through the chargeback and dispute process, the companies reported.
A Bill in Congress
In Washington DC, Congress is doing its part to facilitate information sharing on cyber threats, too.
This week the House Intelligence Committee leaders released a cybersecurity information sharing bill similar to the one put forward by the Senate Intelligence Committee.
The bill would allow financial institutions to open the door to real-time cyber threat information sharing between institutions, among and between sectors and bi-directionally with the government. There is also a targeted level of liability protection.
Of all of these measures, Congress has the potential to do the greatest good. It also, though, has the greatest potential to falter before it makes the finish line, for both political reasons and the squeamishness many feel about the government sharing any information on its citizens.
"The House Intelligence Committee is trying to balance cybersecurity threats, consumer privacy concerns, and politics in its Protecting Cyber Networks Act," said Jonathan Sander, Strategy and Research Officer with STEALTHbits, a data security company.
Sander noted that the average person "is very suspicious of the National Security Agency right now."
But the goal of the bill is the heart of good security practice, he said.
"The only way to make all cybersecurity stronger is to share information about threats so that more eyes can help patch vulnerabilities and mitigate risks the bad guy might try to leverage."
Hopefully, he concluded, "there can be a deal that will give the strongest sharing of threat data to power better cybersecurity with the least amount of privacy erosion."