Research Report


Jason Healey
Copyright Date: Feb. 1, 2015
Published by: Atlantic Council
Pages: 13

Table of Contents

  1. (pp. 1-1)

    The Internet makes everyone neighbors in cyberspace, connected by a digital infrastructure that serves as the bedrock of their communities. But the neighborhood watch system is broken. The information sharing between well-intentioned residents of cyberspace is insufficient for defending against the myriad cyber threats that confront state and nonstate actors alike.

    Despite pockets of excellence, states and nonstates have not been able to effectively share information about cyber incidents and vulnerabilities. Cost structures and risks are often too high to justify the investment and time required for information sharing, especially when no one seems sure how to accurately measure its...

  2. (pp. 1-2)

    It has been more than fifteen years since cyber information sharing was first a government priority, featuring heavily in US President Bill Clinton’s Presidential Decision Directive 63 (PDD 63). That document created US government organizations to facilitate sharing and called on the nonstate critical infrastructure sectors to create Information Sharing and Analysis Centers (ISACs). Some of these ISACs have been effective (see box 1) but after a decade and a half, sharing has still fallen short of what the President intended.¹

    Aware of the benefits of enhanced information sharing, the Barack Obama administration now hopes to bolster cooperation across five...

  3. (pp. 2-4)

    If the benefits of robust cyber sharing are readily apparent, why is the current quality of collaboration so inconsistent?

    Put simply, the costs and risks of sharing currently outweigh the perceived value of a widespread information partnership. The status quo incentive structure encourages both firms and states to keep information close to the vest. In the private sector, information-security professionals are ever wary of backlash from customers or regulators, while governments keep too much information classified, or otherwise restricted from sharing. This is particularly true in the law enforcement and national security communities.

    When sharing does happen, it often occurs...

  4. (pp. 5-5)

    As of early 2015, new sharing projects have been launched in the United States. This is due to renewed energy for an information-sharing bill in Congress and a White House that has drafted a legislative proposal (and other projects) for information sharing.

    The 115th Congress has taken up information sharing in its very earliest days, continuing the momentum from its predecessors. In January 2015, Representative Dutch Ruppersberger of the House Intelligence Committee reintroduced the exact same Cyber Intelligence Sharing and Protection Act (CISPA) sharing bill that passed the House in 2014.¹⁰ The bill stalled in the Senate—in part from...

  5. (pp. 6-7)

    Practical solutions can increase the positive value and trust of sharing—enabling and encouraging future collaboration—and can reduce the associated expense and risk. The best alternatives will be built to achieve both of these goals.

    In order to ratchet up the value and trust of sharing while limiting the costs and risks, policymakers and practitioners in both the private and public spheres should concentrate their efforts on three key areas.

    First, the United States is focused on reducing the transaction costs of cyber sharing, to subsequently shorten on-ramps for building trust. It should continue these efforts, and should add...

  6. (pp. 7-7)

    Cyber sharing is hard. Too much information remains classified. The economic incentives are misaligned and the risks are high in what many organizations perceive as uncharted territory. But the benefits of sharing information can be significant. Organizations can learn valuable insights about their adversaries, the types of systems and information being targeted, the techniques used to gain access, and indicators of compromise.

    Continuing to add more examples of successful collaboration will help build momentum for future sharing. It will take time to shift from a system of informal and semi-structured networks and relationships to a formal, institutionalized approach. Deepening the...