In the cyber terrain, threat actors who start small and find success almost always look to utilize their capabilities to attack other vulnerable organizations. Without adequate communication and collaboration, organizations fail to work together against adversaries and suffer the consequences of isolationism and data silos.
At TeamWorx Security, we build secure sharing communities at scale. We know information sharing across industry sectors and communities of interest is essential to ensure that distributed teams and partner organizations are ready and informed for the advanced threats we see today. Through our flagship platform, Hive-IQ®, we help organizations securely share information with distributed teams, industry partners, if needed, government partners. By connecting stakeholders globally, we often see cyber threats and incident response efforts before they arrive here in the U.S. Advances in crowdsourcing and AI helps us pinpoint a threat, allowing us to protect our critical assets and infrastructure better.
Released earlier this year, the 2023 National Cybersecurity Strategy emphasizes the importance of information sharing throughout the 35-page report. Under Pillar Five on forging international partnerships, the NCS states:
“Through these and other partnerships, the United States and international counterparts can advance common cybersecurity interests by sharing cyber threat information, exchanging model cybersecurity practices, comparing sector-specific expertise, driving secure-by-design principles, and coordinating policy and incident response activities…We will leverage these partnerships to enable effective operational collaboration to defend our shared digital ecosystem. We will also support and help build, as needed, new and innovative partnerships…that bring together unique collections of stakeholders to address new and emerging cybersecurity challenges.”
In 2021, Gen. Nakasone, commander of the U.S. Cyber Command, told ABC News, “Stopping and protecting against cyberattacks takes private and public partnerships, and 90% of the nation’s critical infrastructure is in the private sector.”
Read on to learn about what information sharing is, why it’s essential, and considerations for implementation.
What is Information Sharing?
We live by the premise that cyber security is a team sport where information sharing is the practice of gathering and sharing information across your entire team and all those involved in your cyber security efforts. This effort includes decision-makers and all levels of your organization. One of the significant challenges for organizations today is their teams are often remote and distributed, and getting the whole team involved and informed is difficult. At its most basic level, information sharing is when one party shares information with another party for the benefit of each other and the team.
Today, the working world is remote and distributed, and new technology gives us the means to share a multitude of information. Chat, email, social media, and workspace applications allow people to rapidly transfer data, including text, audio, and video files. While effective for connecting people, the marketplace of applications comes with varying degrees of security.
Users and organizations must be vigilant, take precautions, and protect critical data from prying eyes. These safeguards often lead to deliberately segregating data for different network users and stakeholders.
Hive-IQ helps our users track their incident response efforts, conversations around that response, and conversations between all partners inside and outside your organization. Hive-IQ integrates well across different cyber teams, such as malware, threat intelligence, incident response, compliance teams, and all decision-makers.
What Are Data Silos?
Data silos are a common phenomenon where information created or gathered by different teams and organizations is unavailable or isolated, often to the detriment of the community.
Despite the negative connotation, quarantining personal, proprietary, or otherwise classified information is crucial for all organizations. Data silos result from intentional access restrictions and security mechanisms that protect privileged information from unauthorized personnel or threat actors.
Of course, data silos and information-sharing challenges exist on internal and external planes for organizational communications. Through a collaborative, secure workspace in Hive-IQ, internal and external teams can eliminate data silos and build consistent situational awareness between all stakeholders.
Internal Information Sharing
For small businesses, information sharing is easy when all personnel work together or in the same office. As companies grow into multiple teams and departments and eventually geographically distributed offices, information sharing becomes more complex, and data silos are a common side effect. Configuration management becomes increasingly important to establish appropriate permissions, processes, and access to organization resources.
While information sharing becomes more difficult with growth, internal teams, and personnel must maintain communication to minimize duplicative efforts. Personnel can more effectively collaborate on shared objectives through shared knowledge across teams and departments.
External Information Sharing
Sharing data with teams outside your organization is daunting and more complex than internal information sharing. Business processes and technologies for information sharing are critical to ensure controlled sharing and logging of data transfers for reporting purposes. Companies must consider configuration management for outward-facing communications from email to various 3rd party tech platforms that comprise their technology stack.
The magic of Hive-IQ lies within its ability to connect distributed and external teams with varying levels of experience, subject matter expertise, and resources. Most organizations need more resources and skill sets to be proactive. Community-specific crowdsourcing helps balance your cyber security efforts between proactive and reactive by helping your team find the right resource(s) at the speed of need. Through our Hive-IQ community, you’ll find an ecosystem of trusted partners and organizations who can safely share and receive information to support your efforts locally and globally.
Required Information Sharing
Speaking to the necessity of transparency and information exchange – multiple governmental policies require information sharing.
In Title 6 of the U.S. Code § 485, the heads of Federal departments and agencies are required to promote a culture of information sharing, including reducing disincentives like over-classification or unnecessary requirements for originator approval.
Under the Cybersecurity Information Sharing Act of 2015, federal departments, including Defense (DoD), Justice (DOJ), Homeland Security (DHS) as well as the Director of National Intelligence (DNI), are required to work together. Another result of the legislation was establishing the Automated Indicator Sharing (AIS). Managed by the Cybersecurity and Information Security Agency (CISA), the AIS ecosystem provides private entities, federal agencies, information sharing and analysis centers (ISACs), and state, local, tribal, and territorial (SLTT) governments, a community to share cyber threat indicators and defensive measures in real-time.
While these policies focus on information-sharing activities of government agencies, private companies – which manage most of the nation’s critical infrastructure – are increasingly responsible for sharing relevant information regarding cybersecurity defense.
Benefits of Information Sharing
Information sharing is crucial to building resilience against cyber threats and enhancing local, national, and global security. By openly communicating about cyber incidents, observations, lessons learned, and the power of community, organizations can learn from each other’s experiences, respond more effectively to cyber attacks, and adopt new defensive postures.
Through the development of Hive-IQ, we’ve seen the real-world benefits of information sharing through collaborative decision-making software.
Sharing information about cyber threats in real-time allows organizations to respond rapidly and minimize an attack’s impact. Timely information sharing helps deter malware, ransomware, and other threats by prompting organizations to take preventative measures before an attack occurs or spreads.
Education & Awareness
Raising awareness about cyber threats is crucial to a stronger future for organizations and their broader communities. Information sharing in the cyber domain builds awareness and empowers leaders with the information required to make informed decisions.
Cybersecurity is a shared responsibility, and public-private partnerships are essential to leveraging resources across industries and government agencies.
Earlier this month, Gen. Paul M. Nakasone wrote at length about the importance of partnerships in the 2023 Posture Statement, including:
“Strong partnerships are crucial to cyberspace operations. When working in unison, our diplomatic, military, law enforcement, homeland security and intelligence capabilities make a powerful combination that can disrupt the plans of malicious cyber actors.”
Public-private partnerships foster collaboration between government, industry, and academia, ensuring all stakeholders have the information necessary to combat cyber threats.
Cyber threats are global, and international cooperation is also vital to addressing threats effectively. Sharing information across borders through trusted partnerships can ensure countries and alliances work together to identify, prevent, and respond to cyber-attacks.
Regarding international cooperation, Gen. Nakasone added:
“As we saw in our collective defense of the 2022 midterm election, such effects become even more decisive when we include our allies and foreign partners. Their reach often exceeds our own, especially in host-nation systems. As part of our regional engagement strategy in the Indo-Pacific, we are working closely with partners such as Australia, Japan and South Korea to share information that will impose costs on foreign adversaries. Likewise, we continue to do the same with other partners in Europe and Asia. We are also working to enhance partnerships with academia and industry experts who assist us in concept and capability development.”
With rising threats from China, Russia, and more, international cooperation remains critical to the safety and prosperity of the United States and our allies.
Interoperability through standardized formats and protocols for sharing cyber threat intelligence can streamline the sharing process for stakeholders. Organizations can easily digest, and process shared information with standardization, improving efficiency and response times.
Considerations for Cyber Information Sharing
While ideal for collaborating and communicating about threats, information sharing comes with paramount considerations too. Organizations, from small businesses to federal agencies and the intelligence community, must be mindful of sensitive data and take appropriate action to protect such information.
Building trust between organizations is foundational for effective information sharing. Through collaborative experiences, frameworks, and partnerships, organizations can build confidence that ensures data is protected and shared with authorized parties.
Legal and Regulatory Frameworks
Organizations must be mindful of the legal and regulatory frameworks relating to privacy, intellectual property, and national security interests. Frameworks (e.g., NIST, ISO, SOC2) established by government and industry authorities help define the processes and procedures for cybersecurity best practices. Adhering to frameworks establishes trust between partners and confidence in information sharing.
Creating Confidence in Secure Collaboration
Confidence in our secure collaboration and communication is imperative to build trust among partners globally. We must collaborate in real time to leverage our collective knowledge, differences, and competencies.
This effort starts by building trust and communication with unclassified, Internet-accessible information sharing. Acknowledge and demonstrate appreciation for shared information; relationships will grow organically to create a mutually beneficial information exchange.
Through our mission, we strive to create confidence in collaboration between partners on Hive-IQ. Our real-time global collaboration platform is:
- Secure – exceeds industry security controls standards, including end-to-end encryption, multi-factor authentication (MFA), and strict access controls
- Controlled – enables the users to share information as broadly or narrowly as needed;
- Dynamic – enables rapid community creation and deletion as required; and
- Accessible – web and mobile application with minimal training requirements.
How To Drive Information Sharing
At TeamWorx Security, we’ve made information sharing a part of our mission. When informed, parties can prepare and defend against threats long before attempted cyberattacks.
Through our flagship platform, Hive-IQ, we actively support global information sharing across dozens of industries, including all critical infrastructure industries, State and local governments, private industry, the Federal Government, and the Department of Defense. In Hive-IQ, organizations and their cyber teams stay on top of the latest threats, collaborate with partners, and develop defenses and responses.
Information sharing is a vital component of a robust cybersecurity strategy. By fostering trust, standardization, and cooperation, organizations can better protect themselves and others from cyber threats, ultimately contributing to more robust national and global security.
Join Hive-IQ to learn about and discuss ongoing cyber threats.