Strengthen a Nation's Cyber Through Cyber Information-Sharing Partnerships

June 7, 2017
Partners with Purpose: Post by Bruce Bakis and Edward D. Wang

Cyber partnerships are a crosscutting enabler of the pillars in any country’s cybersecurity strategy.

Cyber partnerships, especially those focused on cyber information sharing, are a key means to achieving the goal of better managing and mitigating cyber risks to improve national, regional, and local cyber defenses. Additionally, cyber information-sharing partnerships can stimulate regional economies through a collaborative focus on education, workforce development, innovation, and research and development (R&D).

Based on lessons learned from the evolution of cyber information-sharing in the United States and case studies of three regional Information Sharing and Analysis Organizations (ISAOs) instantiated within the last five years, MITRE developed 11 recommendations (below) for building a national unclassified cyber information-sharing ecosystem. By using a trusted, independent, third-party as a unifying virtual hub, regional ISAOs can better serve as growth catalysts for a national, unclassified cyber information-sharing ecosystem and remain focused on cyber defense and regional cyber economic development.

The detailed lessons learned, case studies and recommendations are provided in a report, Building a National Cyber Information-Sharing Ecosystem. This report also outlines a framework for readying regional ISAOs, which has been informed by the top strategic challenges that any aspiring cyber information sharing volunteer partnership should address from the start.

We expect cyber information-sharing partnerships to continue to form and grow, especially regionally, with an increasing diversity of domains and sectors.   Using current trends and innovations, the report also provides a glimpse of what future cyber information-sharing partnerships could entail:

  • Cyber information-sharing partnerships will proliferate, especially regionally, and the diversity of the domains and sectors they serve will increase.
  • The trend of forming information-sharing organizations will mimic the hype cycle, with the current state being somewhere near the peak between mass-media hype and supplier proliferation. Eventually, there will be some consolidation before trekking up the slope of enlightenment.
  • The certification of partnership entities will enable federations and federations-of-federations to form as trust circles organized by region, business domain, and purpose.
  • Internet of Things consortia will begin to rapidly form to share cyber information associated with the intersection of device security and safety (e.g., medical devices, autonomous vehicles, on-board avionics).
  • ISAO-like models will be repurposed to facilitate sharing within government organizations (e.g., intra-government ISAOs) as public partnerships.
  • ISAO-like models will be repurposed for use in non-cyber domains (e.g., elections, fraud prevention).
  • Sharing will increasingly occur as machine-to-machine transactions that are managed by trust contracts and chronicled as transactions on blockchain infrastructures.
  • Shared information will increasingly incorporate adversary behavior elements and behavioral analytics, which are designed to detect real-time behavioral patterns of an unfolding cyber-attack.

Recently, the Australian Strategic Policy Institute (MITRE’s strategic partner in Australia) incorporated elements from the report into a post on The Strategist: Cyber information sharing: achieving the Holy Grail of cooperation.  The Institute also included several of the report’s strategic recommendations in a Policy Brief to the Australian government.

By unifying ISAOs into a cooperative sharing federation guided by a strategic plan largely driven by the private sector, a cyber information-sharing ecosystem will emerge by design. The ecosystem will provide stronger national, regional, and local cyber defenses and catalyze state and metropolitan cyber economies.

The MITRE Corporation is a private, not-for-profit organization that manages and operates seven federally funded research and development centers that support U.S. Government sponsors. MITRE applies science, technology, systems engineering, and strategy to complex problems of global significance in the areas of aviation, critical infrastructure, cybersecurity, and defense.