By Kent Landfield, Director of Standards and Technology Policy, Intel
In an effort to accelerate cyber information sharing, and in response to an Executive Order, DHS recently announced the formation of the Information Sharing and Analysis Organization (ISAO) Standards Organization. The organization is comprised of six working groups, and I’ve been appointed Chair of the Information Sharing Working Group. For those not familiar with ISAO effort, it had its genesis in February 2015 as part of President Obama’s Executive Order 13691, “Promoting Private Sector Cybersecurity Information Sharing,” which directed DHS to fund the enablement of a non-governmental organization that would identify a set of voluntary standards and guidelines for the creation, operation and functioning of cyber sharing and analysis. The intent is to expand the current sector-based model (financial, health, energy, etc.) of Information Sharing and Analysis Centers (ISACs), enabling the development of new, innovative types of threat information sharing organizations using standard, consistent interoperable interfaces and data formats. While this effort is in the very early stages, it is establishing foundational guidance that will drive the evolving cyber threat intelligence sharing and analysis eco-system going forward.
Information sharing is crucial because cybersecurity is a shared problem. We must make sure one organization’s detection is a community’s prevention. Most businesses today don’t have cybersecurity as their primary mission. This puts the onus on the private sector to contribute to and use trusted, shared intelligence ultimately augmenting and enhancing our collective security defenses.
As Chair of the Information Sharing Working Group, my hope is we can establish the use of standards, procedures and practices allowing for more interoperability between differing types of sharing organizations. Additionally, I’d like to see the guidance we develop be useful not only in the U.S. but globally. Cyber threats are not simply a U.S. problem; what we develop should be equally useful outside our borders. As such, the working group will be focused on:
- Developing guidance, procedures and standards for data from internal and external sources
- Analysis of threat, vulnerability and incident data sharing information within ISAO to its members
- Operational architectures and protocols for sharing information.
Both Intel and Intel Security are participating in multiple ways and on multiple working groups. In addition to my chairmanship of the Information Sharing Working Group, company representatives will participate on the core development teams for other ISAO’s working groups.
Intel and Intel Security are heavily invested in the development of industry-wide standards that will increase information sharing between and within the public and private sectors while ensuring the appropriate privacy protections are in place. I look forward to chairing this working Group. I trust we will make tremendous strides in the development of processes and procedures to further enhance information sharing that will help evolve the cyber threat intelligence sharing and analysis ecosystem.