In our last post, Shawn Henry, president of CrowdStrike Services and sought-after cybersecurity expert, talked with us about cybersecurity trends in 2014 and 2015. In this installment of that conversation, Henry shared his thoughts about the battle-taking place on computer networks across the United States and how intelligence sharing by the government to the private sector and vice versa can alleviate the intense fighting for safe and secure networks.
“We may not see it in 2015, but ‘Nirvana’ for me would be that open channel of communication where the private sector could share intelligence regarding adversary breadth and activity directly to the government in an anonymous way,” Henry said. “And the government could share specific indicators directly to the private sector so they could better protect their networks, all at the speed of the network”
Currently there is not an effective way for the government to share adversary tactics with the private sector, so private sector companies are literally fighting battles with foreign governments over cyberspace.
“The government has vital information that isn’t being shared with the private sector, and the private sector suffers,” Henry said. “Today, the private sector is literally doing battle with armies in foreign countries. They are fighting battles on their networks with military units from foreign governments, and the private sector hasn’t fought military units from foreign governments on American soil since about the Revolutionary War.”
Henry explained that the government often cannot share intelligence because it is classified. “I think the government needs to change the way they look at cyber intelligence so it can do what it is supposed to do: protect its citizens,” he said. “It is very different from the way the government collects data against terrorist threats or a physical-world kinetic attack, for example.”
Henry said that it is similar in this way: “If I know that five people are likely to break into your house tonight, and I can give you pictures of those five people, you can protect yourself. You can literally look through the peephole in the door and see if it is someone you know or someone you should be protected against. If it is your sister, you let her in. If it is one of the five people I warned you about, you call the police.”
Because the government approaches cyber in a classified way, they cannot always share the “picture” or signature of the threat. “To get something de-classified is a long, slow, arduous process. If it was just collected in an unclassified way, it would provide the mechanism to allow it to be shared directly with the private sector.”
Henry believes the time is now for a debate and discussion about information sharing around cyber threat, intelligence and security. “I think there is a way that companies and the government can collect that type of information and share it in a way that makes them both feel comfortable and not threatened. They can help each other by providing information of value and create a better way to stand united against the adversaries together.”