As cybercrime outstrips the information security profession’s ability to tackle it, the need for increased collaboration between enterprises, governments and organizations has never been more important.
Actionable intelligence on current and future attacks is critical if organizations are going to be able develop effective risk mitigation tactics. The challenges to open collaboration are significant however, as organizations fear losing their competitive advantage, and governments fear national security. The lack of incentives to share information is also an inhibitor, as is the lack of a framework and common terminology. Whilst many informal information sharing networks exist between peers and colleagues, this has limited value for the sector as a whole.
As cybersecurity risks increase, how can governments, enterprises and organizations work together to share information that will arm them with actionable intelligence that will enable them to tackle their cyber-adversaries? There are some calls for mandatory reporting. In the EU it is already mandatory for communications providers to report breaches, with the planned EU General Data Protection Regulation including a 24 hour breach notification clause. In the US, there there some disclosure laws, but they remain inconsistent. Does mandatory breach disclosure mean that the lessons learned will be disseminated to other organizations that can then benefit from them?
During this panel the speakers will look at how government, enterprises and organizations can co-operate to enable cybersecurity intelligence sharing.
- Analyse the key challenges to cybersecurity collaboration and co-operation and how to overcome them
- Understand the lessons that can be learned from the aviation and health sectors regarding incident reporting
- Determine what a best practice framework for intelligence sharing would look like and a roadmap for industry to work towards this