The Quadrilateral Security Dialogue (Quad) is working on a new information-sharing agreement that would help its four members improve cyber-resilience and their response to critical infrastructure (CNI) threats, according to reports.
The four members of the group – the US, Japan, India and Australia – aim to reach an agreement by May when they meet in Australia, according to Nikkei.
The cybersecurity agencies of each government will share information on CNI threats passed on to them by the private sector operators of essential services, according to the Japanese newswire.
Additionally, the Quad is looking to agree on a common security standard, to align procurement of security management and data encryption systems. That could ensure greater interoperability of systems and minimum baseline security, so that they all work well together in an emergency, the report claimed.
Read more on the Quad: US-Led Quad Launches New Cyber Group.
The information-sharing initiative has been singled out as the first step in a process of ongoing cybersecurity collaboration between the four Info-Pacific nations.
A joint statement issued by the Quad following a meeting in New Delhi in January 2023 highlighted further steps the group will take.
“In the longer term, the group has also committed to: leveraging machine learning and related advanced technologies to enhance cyber security; establishing secure channels for Computer Emergency Response Teams (CERT) and private sector threat information sharing; and creating a framework and methodology for ensuring supply chain security and resilience for ICT and operational technology (OT) systems of critical sectors,” it noted.
“These objectives form an important part of the future-looking, leading edge work plan for the group.”
It mentioned telecoms as a particularly important part of critical infrastructure, highlighting the importance of using “trusted” vendors – no doubt a dig at China and Huawei.
The need for enhanced information sharing to counter CNI risk has been given an added urgency by Russian operations in Ukraine, which have combined cyber-attacks with kinetic warfare on the ground, aimed at targeting energy infrastructure and other parts of CNI.