世界經(jīng)濟論壇-網(wǎng)絡(luò)信息共享對我們集體防御的商業(yè)重要性（英）-2022.11-16正式版

IncollaborationwithGlobalResilienceFederationPartnershipagainstCybercrimeTheBusinessImperativeofCyberInformationSharingforOurCollectiveDefenceCOMMUNITY PAPERNOVEMBER 2022Cover:MarsYu,GettyImages–Inside:GettyImagesContentsForewordExecutivesummaryIntroduction1MakinginformationsharingaC-suiteprerogative2Managingcomplianceandregulatoryconcerns3Defining“sharing”onapracticallevelConclusionContributorsDisclaimerThisdocumentispublishedbytheWorldEconomicForumasacontributiontoaproject,insightareaorinteraction.Thefindings,interpretationsandconclusionsexpressedhereinarearesultofacollaborativeprocessfacilitatedandendorsedbytheWorldEconomicForumbutwhoseresultsdonotnecessarilyrepresenttheviewsoftheWorldEconomicForum,northeentiretyofitsMembers,Partnersorotherstakeholders.?2022WorldEconomicForum.Allrightsreserved.Nopartofthispublicationmaybereproducedortransmittedinanyformorbyanymeans,includingphotocopyingandrecording,orbyanyinformationstorageandretrievalsystem.TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 2November2022 TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefenceForewordCharlesBlaunerMichaelDanielJeremyJurgensSpecialAdviser,GlobalPresidentandChiefExecutiveManagingDirector,ResilienceFederationOfficer,CyberThreatAllianceWorldEconomicForumWhyarewestilltalkingaboutcyberthreatinformationThispaperalsoaddressestheseproblems.Itlayssharing?Itisnotacontroversialtopic.Cybersecurityoutapractical,three-stepmethodforovercomingprofessionalsalmostuniversallysupportincreasedthebarrierstosharing,focusingontheorganizationalinformationsharing.Scoresofreportshaveendorsedstructuresneededtomakesharingpracticalandtheconcept,andgovernmentpoliciespromotetheacceptable.Followingthepaper’sframeworkwillidea.Entireorganizationsexisttoenableit.Infact,enablebusinessestochangetheirbehaviourandtheconsensusoninformationsharingisremarkableincreasetheirsharingtomeaningfullevels.foritsconsistencyanddurability.Yet,despitethisconsensus,thelevelofcyberthreatinformationBusinessesneedtoadoptthepaper’sframeworksharingremainsinsufficient.Cleary,ifeveryoneagreesbecauseincreasedinformationsharingatthethatweshoulddosomething,butmanyorganizationsorganizationallevelcreatesmultipliereffectsdonot,weneedtoexaminetheimpedimentstoacrossthedigitalecosystem.Forexample,severalactionmoreclosely.Mostimportantly,weneedtoorganizationshavecometogetherthroughthethinkaboutthetopicdifferently.WorldEconomicForumCentreforCybersecuritytosupportaprojectcalledtheCybercrimeAtlas.ThisThispaper,“TheBusinessImperativeofCybereffortcombinesinformationfromwidelydisparateInformationSharingforOurCollectiveDefence”,sourcestodevelopabetterpictureofthecybercrimeprovidessuchanalternativeperspective.Critically,ecosystem,frommalwaredevelopmenttoitdoesnotmakethecaseforinformationsharingdistributionnetworkstomoneyflows.Thedifferentbasedonaltruismorpatriotismorontechnical“maps”orviewsderivedfromthesharedinformationgrounds–traditionalargumentsforincreasedwillenablethemuchmoreeffectivedisruptionsharing.Instead,itmakesthecasebasedonofmaliciouscybercriminalactivity.Withouttheeconomics.Intoday’sworld,ifabusinesswantsunderlyingsharedinformationfrommultiplesources,tothrive(orevensurvive),thenitmustsuccessfullytheproject’sanalysiswouldnotbepossible.manageitscyberrisk.Inturn,effectiveriskmanagementrequirescyberthreatinformationInformationsharingwillneverbeeasy.Itwillalwayssharing.Bytyinginformationsharingtoabusinessrequiresustainedresources,commitmentandimperative,thispaperusesalanguagethatsupport.However,oncebusinessesgetintothebusinessleadersunderstandandregularlyactupon.habit,oncethispracticebecomesthenorm,wewillwonderhowanyoneeverfunctionedanyotherOfcourse,legalissues,culturalbarriersandanway.Then,wecanfinallystartmanagingourcyberunclearreturnoninvestmentcanstillhindersharingriskeffectively–andstoptalkingaboutcyberthreatevenifbusinessleadersrecognizethermationsharing.TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 3ExecutivesummaryTrueinformationsharingisfoundationaltoclosingthegapbetweenattackersanddefenders,soitisimperativetomakeitareality.Toensuretherightlevelofcybersecurity,cooperationbetweenthepublicandprivatesectorsisabsolutelycrucial.InformationSharingandAnalysisCentrescreateaplatformforsuchcooperationintermsofsharinginformationaboutrootcauses,incidentsandthreats,aswellassharingexperience,knowledgeandanalysis.EuropeanUnionAgencyforCybersecurityThispaperprovidesabriefdiscussionofthreekeystepstowardsclosingtheattacker-defendergap:MakinginformationsharingaC-suiteprerogativeManagingcomplianceandregulatoryconcernsDefining“sharing”onapracticallevelThesethreestepsmustbeimplementedinconcerttoachievetrulyproductiveinformationsharing,butitisaworthwhileendeavourgiventhealarmingaccelerationofattacks,andtherelativestagnationoftheprogressofdefendersbycomparison.Inaddition,thispaperprovidesthefollowingunderstandingsasthefoundationuponwhichthecaseforinformationsharingrests:–Cyberthreatstodayhaveescalatedtothepointwheretheycanposeanexistentialrisktoacompany,disruptnational/globalcriticalinfrastructureandcausethelossoflife.

–Forenterprisestohaveanychanceofsuccessfullydefendingthemselves,theymustacceptandadoptaphilosophyofcollectivedefence.Cyberinformationsharingisatthecoreofanycollectivedefencestrategy.–Informationsharingisnotnew,anditisdemonstrablynotacompetitiveissue.–Legalprocessesandemergingtechnicalsolutionsexistforrealandperceivedregulatoryandprivacychallenges.–Achievingtruecyberinformationsharingisabusinessprerogativeand,aswithanybusinesspriority,successrequirestheactivesupportandengagementofC-suiteexecutives.TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 4IntroductionTohaveanychanceofsuccessfullydefendingthemselves,enterprisesmustacceptandadoptaphilosophyofcollectivedefence.Cyberinformationsharingisatthecoreofanycollectivedefencestrategy.Inthespringof1998,USPresidentClinton’sadministrationwasconcernedwiththerisingtideofhostilecyberactivityandthepotentialforthatactivitytoharmcriticalinfrastructureintheUnitedStates.Inresponse,theWhiteHouseissuedPresidentialDecisionDirective63:CriticalInfrastructureProtection.ThenTreasurySecretaryRobertRubinsummonedthechiefinformationsecurityofficers(CISOs)ofleadingfinancialinstitutionstoWashingtontodiscussanindustryresponse.Workbytheindustryyieldedonekeyconclusion:firmsthattraditionallyarecompetitorsinbusinessneedtoshifttheirunderstandingofcompetitiontotheviewpointofindustryversuscriminalorganizationsandnation-stateactors.Ascriminalorganizationsaresophisticatedandhighlycollaborative,adoptingaviewofcollectivedefenceisthemosteffectiveposture.Cyberinformationsharingisatthecoreofthatdefence.Withthisrealization,theUSFinancialServicesInformationSharingandAnalysisCenter(FS-ISAC)wasborn.TheideaoftheISAChasinmanywaysbeenagreatsuccess.TheFS-ISAChasthousandsofbankssharinginformation,makingthemmoresecureandmoreresilient.Othersectorshavealsobenefitedfrominformation.In2014,theFS-ISACestablisheditsSectorServicesdivision,whichsupportedthedevelopmentofsharingorganizationsbasedontheFS-ISACmodel.Thedivisionhelpedbuildcommunitiesinlegal,energy,retailandothersectors.Iteventuallyspunouttobecomethe

non-profitGlobalResilienceFederationthatnowmanagesandsupports17sharingcommunities.Internationally,InformationSharingandAnalysisCentres(ISACs)ortheirequivalentscannowbefoundaroundtheworld,workingindependentlyorwithgovernmentsupport.Asaresultoftheirefforts,membercompaniesarenowbetterpreparedthanevertodefendthemselves.Butatthesametime,thelevelofrisktoindustryhasneverbeenhigher.InthetwodecadessincethecreationofthefirstISACs,thechallengeshavegottenmateriallyworse.Theworld’scollectiverelianceonservicesdeliveredinrealtimeviatheinternethasexposedcriticaloperationalprocessestowholenewattackvectorsand,inmanycases,thecapabilitiesofmaliciousactorshaveoutpacedthoseofthedefenders.Inaddition,theseactorshaveadoptedmanynation-statestyletechniquesandhavecreatedhighlydevelopedcollaborativemarketplacesforattacktools.Defendershavebeenleftshorthandedduetoskillshortagesandalackofcollaboration,aweakpositionexacerbatedbytheacceleratingpaceoftechnologicalchange.Bymakinginformationsharingapartofleadershippriorities,byunderstandingandrespondingtocomplianceandregulatoryconcerns,andbymoreclearlydefiningonapracticallevelwhatsharingmeans,achievinganinformation-ledapproachtocybersecuritybecomesanachievableandnecessarybusinessprerogative.Topreventcybercrimeandreduceitsimpactonindividualsandbusinesses,public-privatecooperationisessential.Movingbeyondreportingtorealinformationanddatasharingbetweencompaniesandpublicagenciesistheonlywaytoidentifyandunderstandthethreatandacttocounterit.INTERPOL’sProjectGatewayoffersalegalframeworkforprivateentitiestoshareinformationandcollaboratewiththeOrganization.UnderpinnedbyINTERPOL’suniqueglobalplatformandrangeoftools,thiswillenabletheenhancedaggregationofdataandthreatanalysisandresultinmoretargetedandeffectiveoperations.”JürgenStock,Secretary-General,InternationalCriminalPoliceOrganization(INTERPOL)TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 5MakinginformationsharingaC-suiteprerogativeCybersecuritycannotbeaddressedsolelyasatechnicalissueandmustbemanagedasamaterialbusinessrisk.Atthe2015FinancialServicesRoundtablefeaturingthelargestintegratedfinancialservicescompaniesintheUnitedStates,bankCEOsdiscussedsystemicriskstotheirfirmsandtheindustry.Theyagreedthattheimpactthatcyberincidentscouldhaveonoperationalresiliencywasatoprisk.Thepotentialofacyberattacktodisruptcriticaloperations,puttingthebanks,theircustomersandtheglobalfinancialsystematrisk,wasmaterialandgrowing.TheCEOsacknowledgedthreekeyfacts:Theadversarywasgettingmoresophisticatedandwashighlycollaborative.Despitethesignificantinvestmentsbeingmade,thebankswerefallingfartherbehind.Thatmeantthestatusquowasnotacceptable.

Ahigherlevelofcollaborationandcollectivedefenceamongthebankswasrequired,aswasrealengagementwithgovernmentandothercriticalsectorstoprotecttheirfirmsandtheglobalfinancialsystem.TheCEOsdidnotjusttalkabouttheissue;theypersonallyengagedwithgovernmentofficialsandputtheirmoneyandstaffbehindaremedy,collectivelyfundingthecreationoftheUSFinancialSystemicAnalysis&ResilienceCenter(FSARC),nowtheAnalysis&ResilienceCenter(ARC).Thechallengesassociatedwithcyberattacksandthefinancialfraudstemmingfromsuchincidentsarebiggerthananyoneinstitution,andthisissomethingthefinancialsectormustfacetogether.Wearestrongerandmoreresilientwhenweworkcollectivelytounderstandtheevolvingtacticsofcyberadversariesandtodeepenthelayersofdefenceagainstsuchattacks.BillNelson,PresidentandChiefExecutiveOfficer(2006-2018),FS-ISACTheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 6Theworldhasseenasignificantriseinsophisticatedcyberincidentsoverthepastfewyears,rangingfromtheSolarWindsandColonialPipelineattackstouncountableransomwareincidents.Whileaspectsoftheeventsarenotnew(disclosureofdata,theftofmoney),theirscaleandescalationhaveheightenedthefocusoncybersecurityandoperationalresiliencybycorporateleadersineverysectoroftheeconomy,membersofthemediaandgovernmentofficials.Thesilverliningtotheincreasedcyberthreatisagrowingunderstandingthatabadcyberdaycanposeanexistentialthreattoacompany.Cybersecuritycannotbeaddressedsolelyasatechnicalissueandmustbemanagedasamaterialbusinessrisk.Thisrealizationhasamplifiedthefocusofmanagementteamsandboardsofdirectors.ThiscombinationofincreasedfocusandcollectivevulnerabilityoffersanopportunityforCISOstoengagetheirC-suitestoseektheiractivesupporttoenhancecollaboration,betterdefendandprotectorganizationsagainstthesethreats,andimprovethesecurityandresiliencyofthecollectiveecosystem.OnespecificactionaCISOcantaketobetterengagewithseniorexecutivesistoscheduleacyberthreatinformationbriefingfortheirC-suiteexecutivesandboardofdirectorswiththeirrelevantlawenforcement/governmentalagency.PresidentBiden’s12May2021ExecutiveOrderonImprovingtheNation’sCybersecuritystartswiththeneedforbettercyberinformationsharing.

TheEuropeanUnionAgencyforCybersecurity(ENISA)statesonitswebsitethat“EuropeanlegislationliketheNISDirectiveandtheCybersecurityActnourishthecreationofsectoralISACsandpublic-privatepartnershipswithintheEU”.TheEU’sDigitalOperationalResilienceActalsoproposestospecificallydevelopinformationandintelligencesharingprotocols.Theprivatesectorshoulddriveengagementininformationcollaboration.Thiscanseemunnaturalincompetition-drivenbusinesses,buthistoryhasdemonstratedthatcybersecurityisneitheracompetitivenorananticompetitiveissue.Mutualsuccessrequiresawillingnesstoworktogether.Anactiveinterestincollaboratingoperationallyisnecessarytoshareobservations,lessonslearned,bestpracticesandintelligenceinordertoprotecttheenterprise,itsclientsandtheecosystem.Asaresult,whencompanyleadersmakesharingarealpriority,ithasachancetosucceed.Incontrast,informationsharingeffortsoftenwitherwithoutsustainedsupportfromthetop.Effectivesharingrequirescontinuoussupport;theCEOandotherseniorcompanyofficialsmustmakecyberthreatinformationsharinganongoingpriorityforittobeimpactfulandsustainable.Aplatformoftrustandcommunicationtofacilitateinformationsharingamongsectorsandbusinessesisnecessarytoshareactionableinsightswithotherstakeholdersforsituationalawareness,andtodetectandrespondtocyberthreatspromptly.CyberSecurityAgencyofSingaporeTheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 7ManagingcomplianceandregulatoryconcernsSharingagreed-uponinformationiscertainlymorebeneficialthanharmfultocompanies.Despitetheimportanceofsharing,neitherthepublicsectornortheprivatesectorisactingquicklyenough.Whataresomeofthefactorsimpedingprogress?Oneisthatitmaybedifficulttoshiftfromacompetitivetoacollectiveperspective;safeguardingcompanyinformationisingrainedtosuchanextentasthestatusquothatsharingmayseemantitheticaltogoodbusinesspractice.WiththeproperC-suitesupport,however,thisbarriercanbeovercome.Otherbarriersraisedoftenrelatetotheprotectionofintellectualpropertyandproprietaryinformation,andtheperceivedlegal/regulatory/compliancebarrierstosharing.Yet,organizationscanaddressconfidentialityandbalancetheprotectionofproprietaryinformationwithtriedandtestedsharingprotocolsthatdonotrequirebusinessestodivulgesensitivematerial.Giventhesechallenges,CISOsmustworkwiththeirlegalandcompliancepartnerstohelptheirorganizationsovercomethebarriersandimproveinformationsharing.LegalcounselscanworkwithCISOsoncyberinformationsharinginthefollowingkeyareas:

DefiningthetermsandconditionsIntheabsenceofgovernmentaldirectivesoncybersecurityinformationsharing,itisuptocorporatelegaldepartmentstodeterminethe“termsandconditions”whenenteringintocollaborativeagreements.Someoftheserightsandobligationsmayinclude:–Ensuringrulesofinformationsharingthataccountfordataresidencyandcross-borderissues–Safeguardingconfidentiality,throughtheuseofnon-disclosureagreements–Complyingwithexistingregulatoryrequirements–Definingwhoreceivesthedataandwhattheyareallowedtodowithit–Determiningthemostsecurewayofprovidingcross-companydataThetypeofinformationthatissharediscrucialtooffsettingthisissue.Ifitisnuanced,actionableandreadilyavailabletosecurityteams,andparticularlywhenthecollaborationwithlawenforcementisTheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 8strong,sharingagreed-uponinformationiscertainlymorebeneficialthanharmfultocompanies.Termsofsharingshouldbewrittenintotheoriginalcontractswhenformingacollaborativenetwork.Wherepossible,leveragingexistingagreementssuchasthosewiththevariousISACsandtheUK’sCyberDefenceAlliance(CDA),amongothers,isadvisable.Ideally,governmentswouldprovidethemainguidanceontheseprocesses.However,intheabsenceofclearregulation,creatingrules,up-fronttermsandotherbestpracticeswillhelpfacilitatesharing.BuildingatrustframeworkAlthoughcontractscanofferaroadmaponhowtoproceed,trustplaysacrucialroleinthesuccessofanycollaborativeeffort.Itispossibletobuildtrustwithinacoalitionbysettingstandardsandrulesofbehaviourthateverypartnercanagreeupon.OneexampleistheTrafficLightProtocol,asetofdesignationscreatedtofacilitategreaterinformationsharing,adoptedbymostISACs.Tobeuseful,aminimumrequirementmaybenecessarytoensurethatcompaniesarenotgainingfromacollaborativeeffortwithoutcontributingtheirownresources.

Recommendationsincludelayingoutcleargroundrulesforconfidentialityandanonymizingdatatoprotecttheprivacyofindividuals.Leveragingemergingtechnologycapabilitieswherepossibletoprotectpersonallyidentifiableinformation(PII)isalsoadvised.Atthesametime,itisimperativetoacknowledgethatnotalldataishighlysensitivePII.Acleardataidentificationsystemcanhelptoalleviatethispressure.Althoughinformationsharingentailscompliancecosts,bettersecuritywillbenefiteverybusinessinthelongterm.Private-sector-ledcross-sectorinformationsharingshouldcreateanimpetusforclearerlegislationonsharingacrossborderswithdataresidencyandsovereigntyimplications.Expandingcooperationbenefitseveryone,andacodeofbestpracticesbuildsastrongercoalitiontoprotectcollectivesecurity.Untilgoverningbodiespasslegislation,companiesmustcontinuetodependontheirlegaldepartmentstocreateapathforward,basedonestablishedprecedent.TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 9Defining“sharing”onapracticallevelItisessentialtorethinkhoworganizationsengageincollaborationandtherequirementstomakeitsuccessful.Evenifanorganizationfollowsalltheabove-mentionedrecommendations–recognizingthevalueofinformationsharing,obtainingitsCEO’sapprovalandresolvingtheGeneralCounsel’squestions–makinginformationsharingworkcanstillprovechallenging.Industryandgovernmentpartnersthathavepreviouslydiscussedpartnershipsincybersecurityhaveprimarilyfocusedoninformationsharingasatransaction.However,thesharingneedstobecontinuousandperpetual–activeduringbothheightenedanddecreasedthreatperiods.Tobenefitallthoseinvolved,collaborationshouldoccurintrustedphysicalandvirtualenvironmentsandshouldbeeasierandmorestreamlined,withclarityonentrypointsaswellasrolesandresponsibilities.Bycollaboratingwithinaknownandtrustedcommunity,“circlesoftrust”areestablished.AsdescribedbyChrisJohnsonetal.inNISTSpecialPublication800-150entitled“GuidetoCyber

ThreatInformationSharing”,“organizationscanleveragethecollectiveknowledge,experience,andcapabilitiesofthatsharingcommunitytogainamorecompleteunderstandingofthethreatstheorganizationmayface.”Usingthisknowledgeallowsanorganizationtomakebetterinformeddecisions,andcreatebetterthreatdetectiontechniquesandriskmitigationstrategies.“Bycorrelatingandanalyzingcyberthreatinformationfrommultiplesources,anorganizationcanalsoenrichexistinginformationandmakeitmoreactionable.”Fourstepscanshifttrueinformationsharingfromconcepttoreality:–Preparingthecompany–Identifyingpartners–Understandingwhattoshare–ProtectingprivacyTheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 10Preparingthecompany–Determininginformationrequirements–Thechallengestemsfromthesheervolumeofinformation.Tosortthroughtheoceanofintelligence,organizationsneedtodeterminetheirinformationrequirementsbasedonthecybersecuritydecisionstheircompanyneedstomake.–Selectingtherighttypeofinformation–Onceabusinessunderstandsitscybersecurityusecases,itthenmustselecttheinformationthatsupportsthoseusecases.Identifyingpartners–Allorganizationswishtoreceiveintelligencebutfortheretobeanyrelevantinformationtoreceive,someonehastoshareitinthefirstplace.Aswiththeinformationconsumed,theinformationanorganizationsharesbackandhowitdoessodependonitssituation.–Sharingbackdoesnotmeananorganizationmustshareeverything,butitdoesrequiresharingtobebidirectional.–Sharingnetworksneedtosupportmultipletypesofsharingpartnerships.FIGURE Asamplesharingecosystem

–Manytypesofinformationexist,rangingfromtechnicalindicatorstothreatactorprofilestodefensivemeasuresandbestpractices.–Integratingsecurityactionsinbusinessactivities–Thisstepinvolvesintegratingtheinformationinthefirm’ssecurityandbusinessdecisions.–Ensuringsustainability–Weavinginformationsharingintotheday-to-dayactivitiesofcybersecuritystaffandprovidingregularfundingarecriticalforsuccess.–Thefastestwaytoachievesharingistobuildontopofanexistingnetworkwheneverpossible.–Sharingisatitsmostimpactfulwhenitisbuiltoncirclesoftrust.WithintheISACs,circlesoftrustareoftenformedbetweentheleadersofthesecurityoperationsandintelligenceteamsfromthevariousparticipatingcompanies.–Onekeyrecommendationistothinkaboutcirclesoftrustoccurringatvariouslayersofanorganization,goingbothdeeperwithintheorganizationbutalso,andmorecritically,higherwithinitsothatCISOsandCIOsarealsotalkingtoeachother.CompanyA’sclientsSectorISACOtherISACsCompanyBCompanyALawenforcement&governmentCompanyA’svendors&partnersISAC=InformationSharingandAnalysisCentreSource:GlobalResilienceFederation TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 11Understandingwhattoshare–Thegoalsofsharingmustnotbearbitrary.Theyshouldbedeterminedbywell-definedusecasesthatfallintooneofthefollowingcategories:–Protectingthefirm’sabilitytooperatesafely–Protectingthefirm’sclients–Protectingthesafetyandsoundnessofthe“system”–Protectingthenation’scriticalinfrastructure

–Often,theperfectistheenemyofthegood,asorganizationsassumethatbecausesomeinformationistoosensitivetoshare,theycannotshareanythinguseful.–Someinformationisalmostalwaysbetterthannoinformation.–Knowingwhatmayproveusefultoanothercompanyisusuallyimpossible,soerringonthesideofsharingmakessense.Protectingprivacy–Akeyconsiderationwhensharingishowtosharewhilecomplyingwiththevariousinternationalprivacyregimes.–Anewbroadrangeoftechnologiescalled“privacy-enhancingtechnologies”(PETs)hasemergedtoaddressthischallenge.–PETsenableorganizationstosharedatawhilepreservingprivacy,securityandregulatorycompliance.

–AvarietyofPETsareavailabletoday,includinghomomorphicencryption,securemultipartycomputationanddifferentialprivacy,eachofwhichofferssolutionstodifferentcollaborationchallenges.–Inparticular,homomorphicencryptionhasbecomepopularinorganizationsthatendeavourtocollaboratewiththeirecosystemonsensitivedatawhileprotectingtheirbusinessinterestsandcomplyingwithdataprivacyregulations.TheBusinessImperativeofCyberInformationSharingforOurCollectiveDefence 12ConclusionTheescalatingcyberthreatenvironmentpresentsariskofoperationaldisruptiontoeveryenterprisetoday.Attheextreme,attackscanposeanexistentialthreattoacompanyor,worse,canleadtothelossoflife.Tohaveanychanceofsuccessfullydefendingthemselves,enterprisesmustacceptandadoptacorephilosophyofcollectivedefence;truecyberinformationsharingisatthecentreofacollectivedefencestrategy.Informationsharingisvitallyimportantforaneffectiveapproachtocybersecurity.IntheUnitedStates,forexample,theCybersecurity&InfrastructureSecurityAgencyand,intheEU,ENISAbothhaveidentifiedinformationsharingasessentialtoimprovingtheworld’scybersecurityriskposture.

Aswithanybusinesspriority,successreliesontheactivesupportandengagementoftheC-suite,andtraditionalreluctancestemmingfromcompetitive,regulatorycomplianceandprivacyperspectivesmustbeputaside.Achievingtruecyberinformationsharingisabusinessprerogativethatrequiresanappetiteforcollaborationandswiftactionbyallorganizations.Cyberistheultimateteamsport,andweneedtocreateanenvironmentwherethechallengesexperiencedbyonecompanyleadtothebenefitofmanycompanies.Intelligencesharingisacriticalcomponentinourabilitytoachievethatgoal.”Admiral