Last Updated: 2011-03-10 22:21:11 UTC
by donald smith (Version: 1)
Seriously, its a good trend and should be encouraged.
Here are two efforts that recently came to my attention.
DOD is launching a program that will send members of their IT teams to industry to improve the government's IT expertise particularly in cyber security.
Estonia is building a Cyber Defense League with private sector cyber defense experts and government agencies.
I have been involved in several similar efforts in the past and while not all produced the desired results IMO such sharing benefits the parties involved. Private industry has people that, as part of their day to day job, watch for cyber security threats and trends. Government agencies have personal with the similar responsibilities and similar abilities.
Both have different views into various portions of "cyber land" and may see different things at different times but eventually will probably see whatever the other is seeing. Sharing that type of information just makes sense. The "bad guys" share. If the good guys don't we will always be one step behind them.
Other Government and private industry cyber security sharing forums in no particular order include but are NOT limited to:
nsp-security, ops-trust, infragard, NCFTA, ICASI, ISACS, and many others.
"Since 1997, the NCFTA, a non-profit corporation, evolved from one of the nation’s first High Tech Task Forces and has established an expansive alliance between subject matter experts (SMEs) in the public and private sectors (more than 500 worldwide) with the goal of addressing complex and often internationally-spawned cyber crimes. These SMEs, from industry, academia and government, each bring specific talents and experiences to the partnership. Through a steady cycling of such cross-sector national and international resources, both embedded at the NCFTA and through initiative-specific intelligence channels, the NCFTA is well positioned to adapt and regularly reinvent itself to better address today’s evolving threat landscape."
"The nsp-security [NSP-SEC] forum is a volunteer incident response mailing list, which coordinates the interaction between ISPs and NSPs in near real-time and tracks exploits and compromised systems as well as mitigates the effects of those exploits on ISP networks. The list has helped mitigate attacks and will continue to do so."
"OPSEC-Trust (or "ops-trust") is a highly vetted community of security professionals focusing on the operational robustness, integrity, and security of the Internet. The community promotes mindful action against malicious behavior vs observation/analysis/research. OPSEC Trust carefully expands membership pulling from talent in many other security forums looking for strong vetting with in three areas ; sphere of trust, sphere of action, and the ability to maintain a "need to know" confidentiality. OPSEC-Trust (or "ops-trust") members are in a position to directly affect Internet security operations in some meaningful way. The community's members span the breath of the industry including service providers, equipment vendors, financial institutions, mail admins, DNS admins, and DNS registrars, content hosting providers, law enforcement organizations/agencies, CSIRT Teams, and third party organizations that provide security-related services for public benefit (e.g. monitoring or filtering service providers). The breadth of membership, along with a an action/trust vetting approach provides creates a community which would be in a position to apply focused attention on the malfeasant behaviors which threaten the Internet."
InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector. InfraGard is an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States.
The Industry Consortium for Advancement of Security on the Internet (ICASI) is a forum of trust through which IT industry leaders address multi-product security challenges to better protect the IT infrastructures that support the world’s enterprises, governments, and citizens.
A few articles about Government and private sector sharing wrt cybersecurity intel:
If you know of any other good sharing being done feel free to add comments to this diary to educate everyone.