Trust in Sharing Information Begins with a Trusted Sharing Environment

Organizations have been sharing digital threat information with one another for decades. But much has changed in how those strategic partnerships operate.

Perhaps no one understands these developments better than John Carlson.

As chief of staff of the Financial Services Information Sharing and Analysis Center (FS-ISAC), Carlson is integrally involved in building an organization that fosters trusted information and analysis sharing among the FS-ISAC’s 7,000 member financial institutions and partner organizations. Carlson is also involved in the development of cybersecurity exercises to simulate cyber attacks and improve the ways financial institutions and government agencies might respond.

Companies didn’t used to share information with one another so openly. Carlson describes this change as nothing less than “remarkable”:

“20 years ago, organizations shared information only with other companies that they trusted. As such, most of these sharing channels were informal and did not adhere to defined rules with respect to how information should be shared. Those rules didn’t exist, after all. But things have changed considerably since then. With over 7,000 member organizations based in over 38 countries, FS-ISAC serves as a distribution platform by which companies can gain a sense of what’s happening in the environment at any point of time regarding the volume and severity of various attacks and key vulnerabilities.”

Carlson intends to expand upon the work of FS-ISAC at Borderless Cyber Europe 16 on 8-9 September at the European Commission in Brussels, Belgium. Specifically, he will discuss FS-ISAC’s commitment to automating the sharing of information and the corporation’s support of other sectors to create information sharing frameworks, among other points of interest.

Ultimately, Carlson sees strength in organizations being able to share with one another:

“By creating a trusted environment where organizations can share information, and by promoting techniques through which companies can shape the way information is shared, FS-ISAC creates trust among enterprises in sharing information without them fretting over legal liability.”

He hopes attendees will see the benefit of a private sector organization fulfilling an important role regarding information sharing, and he encourages any company who’s currently not part of an intelligence sharing organization to join one.

Carlson also hopes his presentation will help reveal how robust membership in information sharing corporations helps communities stay on top of changes in the threat environment and opens the way for broad collaboration on a number of initiatives.

In his mind, collaboration is indispensable when it comes to defending against digital threats:

“Going forward, the best model for success is collaboration. Collaboration among FIs, collaboration with government agencies (such as law enforcement agencies), collaboration with the broader technology community and other interdependent sectors such as telecom and power and a focused effort on updating laws and regulations to better match the realities of our inter-connected industries, government, and lives.”

For more information on Carlson’s upcoming talk, click here.

You can learn more about and register for the Borderless Cyber Europe conference here.

NO COMMENTS

LEAVE A REPLY