3 Reasons Cybersecurity Information Sharing Won’t Help Your Company

By Eric Noonan • January 14, 2015

In the wake of the Sony attack and tens of millions of cases of consumer credit card and personal information being compromised the White House is championing legislative proposals to help address the challenge of cybersecurity.  At the heart of the proposal, and many before this one is “Enabling Cybersecurity Information Sharing” which “promotes better cybersecurity information sharing between the private sector and government, and it enhances collaboration and information sharing amongst the private sector.” So, will better information sharing help the vast majority of companies prevent, detect or respond to cyberattacks? Probably not and here are 3 reasons why:

1. No Tools…

The vast majority of companies say under twenty billion in annual revenue, are not equipped to analyze and act on cyber threat data because they have not been resourced for the mission. Actionable intelligence is only useful if the company you provide it to has made the right investments to take appropriate action.

IP addresses, signatures, filenames, MD5 hashes and other actionable cybersecurity intelligence are mostly interesting but irrelevant if you don’t have a person, process, and technology to take the appropriate action. Handing off this kind of intelligence to an organization who has not made the appropriate Security information and event management (SIEM), Intrusion detection system (IDS), or similar investment will only serve to further exacerbate the problem.

2. You’ve Got Tools…

But not enough people to support them and certainly not any documented, repeatable, or ideally automated process to optimize them. This is where the vast majority of organizations find themselves, tool heavy and people and process starved. Sharing threat information with a tool heavy organization will further overwhelm the less than ten security professionals that typically try and deliver security for multinational corporations of twenty billion or less. Yes, less than ten full-timers delivering security is the norm so throwing tools at the problem is not the answer either.

Many readers can remember when you bought a Data Loss Prevention (DLP) tool in response to an internal audit and then another tool in response to something else and so the tool tree grew but few can probably remember resourcing the people and processes to support those tools.

3. No business plan for security…

Be as proactive as you can probably be in security and do an assessment of your entire security organization and its capabilities. This assessment will serve as your business plan for security and facilitate a conversation with your board that educates and informs.

Security assessments are like home inspections in that they give you an expert view of red flags, watch items and things that are in good shape for now. Without a comprehensive assessment and corresponding plan of action to address the findings you’re likely to have more tools than people to support them and when the FBI comes knocking with actionable intelligence you will be in the unenviable position of asking the government for help it likely can’t provide.

CyberSheath Blog

CyberSheath Opens Registration For CMMC CON 2022

RESTON, Va. — June 8, 2022 — Federal contractors have been searching for direction after seeing a flood of messaging about the future of Cybersecurity Maturity Model Certification (CMMC). The nation’s largest CMMC conference has returned to help contractors navigate their course through the evolving compliance landscape.   Hosted by…

5 Reasons to Partner with CyberSheath

The threat landscape is only becoming more complex. Offload the responsibility of navigating cybersecurity issues for your customers by taking advantage of CyberSheath’s new Partner Program.   As a pioneer and industry leader in the managed security service provider space, our new offering helps you achieve rapid results and deliver…

CMMC Compliance Training: How to Earn Your Black Belt

Contractors in the Defense Industrial Base (DIB) are looking for direction as Cybersecurity Maturity Model Certification (CMMC) 2.0 nears. Compliance with CMMC and Defense Federal Acquisition Regulation Supplement (DFARS) is your key to doing business with the Department of Defense (DoD) and we can help you navigate those requirements and…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO

CMMC CON 2022 is here! Save your spot to hear the latest on CMMC from our expert speakers across the government and Defense Industrial Base.