Analyst Jon Oltsik wrote a good summary of the White House Summit on Cybesecurity and Consumer Protection at Stanford University on 13 February 2015, and suggested that President Obama's initiatives still leave some gaping questions. Oltsik makes some great points and I am glad that people like him are watching closely how this Administration addresses cybersecurity. I agree with him that there are not a lot of details in the President’s initiative. But since Palo Alto Networks was one of the companies that benefited from this event (see our highlight reel here), let me take a semi-opposing view.
I don’t think it is the president’s role to lay out a detailed plan for cybersecurity. His job is to grease the skids so that the rest of us can move forward, but also have enough wiggle room to make course adjustments along the way. Oltsik is right that sharing threat information is not a new idea. But when President Clinton established the ISAC concept back in 1998, he provided no details, nor did he provide any resources to make it happen. He just sort of said, you critical infrastructure verticals should share threat information with each other. Who knew that more than 15 years later the FS-ISAC would be the premier information-sharing group on the planet that everybody should emulate? The benefits that might ultimately materialize from President Obama's initiative are years down the road. They will not happen tomorrow.
Oltsik was also right to point out that we need to stay vigilant about privacy, and that the country still has not reconciled itself about the idea that government needs to be able to pursue two seemingly opposing objectives: seeking primacy in offensive warfare capability and seeking efficiency in sharing the very techniques that would encompass an offensive warfare capability with the network defenders from both the commercial space and the government space. We are not there yet but articles like Oltsik’s keep the conversation going.
From my point of view, the President’s initiative seems to be focused on making it easier for the commercial sector to share threat information with the government but not the other way around. I will be watching that closely.
I am optimistic. The time is right to collectively up our game with this threat information sharing idea, not just talk about it at industry conferences and government symposiums. I believe that threat information sharing is the secret sauce that will allow all of us to stay ahead of the agile adversary. It is the reason that Palo Alto Networks helped to stand up the Cyber Threat Alliance nearly a year ago and why other organizations have joined us. Organizations like the FS-ISAC and the DCISE (DIB Collaborative Information Sharing Environment) have broken new ground for the cybersecurity community for the past decade. We have settled on a standard: STIX and TAXII. It is time to take it to the next level, but it will take time. President Obama’s initiative is a first step and important for getting everyone’s attention focused on the same things.
Leave a comment below and let me know what you think.