{"id":27273,"date":"2015-01-29T10:40:01","date_gmt":"2015-01-29T18:40:01","guid":{"rendered":"http:\/\/blogs.microsoft.com\/cybertrust\/?p=27273"},"modified":"2023-06-23T09:50:18","modified_gmt":"2023-06-23T16:50:18","slug":"info-sharing-testimony","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/","title":{"rendered":"The Importance of Effective Information Sharing"},"content":{"rendered":"

\"SCharney2<\/p>\n

This week, I testified <\/a>before the\u00a0U.S. Senate Committee on Homeland Security and Governmental Affairs at a hearing on \u201cProtecting America from Cyber Attacks: the Importance of Information Sharing.\u201d It was good to see that the committee\u2019s first hearing of the 114th Congress focuses on cybersecurity issues generally, and information sharing in particular, and I\u2019d like to summarize the key points of my testimony.<\/p>\n

There is no doubt that cybersecurity is an important issue for America, other nations, the private sector, and individuals. In an effort to better understand and help address the challenges we face, I regularly engage with government leaders from around the world, security-focused colleagues in the IT and Communications Sectors, companies that manage critical infrastructures, and customers of all sizes. From those interactions, I have concluded that cyber-attacks have joined terrorism and weapons of mass destruction as one of the new, asymmetric threats that puts countries, corporations, and its citizens at risk.<\/p>\n

With global threats, global actors, and global networks, no one organization \u2013 public or private \u2013 can have full awareness of all the threats, vulnerabilities, and incidents that shed light on what must be managed. There is no doubt that sharing such information can and has protected computer users and increased the effectiveness of the security community\u2019s response to attacks. For example, in 2009, the Conficker Working Group came together to share information and develop a coordinated response to the Conficker worm, which had infected millions of computers around the world. After the working group developed a mitigation strategy, Information Sharing and Analysis Centers (\u201cISACs\u201d) were mobilized, company incident response teams were activated, government responders were engaged, and the media reported as milestones were reached and services were restored. The challenge was addressed, and quickly.<\/p>\n

Why is it, then, that after 20 years of discussion and proof of effectiveness, information sharing efforts are viewed as insufficient? The short answer is that while there are success stories, it is often true that those with critical information are unable or unwilling to share it. They may be unable to share it due to law, regulation, or contract, all of which can create binding obligations of secrecy and expose a company to legal risk if information is shared. Even when those restrictions permit sharing pursuant to authorized exceptions, legal risks remain, as parties may disagree on the scope of the exception. There are also non-legal, non-contractual risks; for example, a company that discloses its vulnerabilities may suffer reputational risk, causing both customers and investors to become concerned. It may even suggest to hackers that security is inadequate, encouraging other attacks.<\/p>\n

With all these challenges in mind, we believe there are six core tenets that must guide information sharing arrangements:<\/p>\n

1. Information sharing is a tool, not an objective.<\/p>\n

2. Information sharing has clear benefits, but poses risks that must be mitigated.<\/p>\n

3. Privacy is a fundamental value, and must be protected when sharing information to maintain the trust of users \u2013 individual consumers, enterprises, and governments \u2013 globally.<\/p>\n

4. Information sharing forums and processes need not follow a single structure or model, and governments should not be the interface for all sharing.<\/p>\n

5. Government and industry policies on information sharing should take into account international implications.<\/p>\n

6. Governments should adhere to legal processes for law enforcement and national security requests, and governments should not use computer security information sharing mechanisms to advance law enforcement and national security objectives.<\/p>\n

Information sharing has and does work. But it works because the parties see that the benefits (better protection, detection and response) outweigh the risks. History also teaches, however, that information sharing tends to work best when those involved trust each other to respect informal and sometimes formal agreements (e.g., non-disclosure agreements) on information use and disclosure.<\/p>\n

The two most important things Congress can do are (1) ensure that the information sharing arrangements that are working effectively are left undisturbed; and (2) encourage additional information sharing by providing protections for shared information and addressing risks posed by information sharing, including privacy risks.<\/p>\n

You can read my full testimony here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

This week, I testified before the\u00a0U.S. Senate Committee on Homeland Security and Governmental Affairs at a hearing on \u201cProtecting America from Cyber Attacks: the Importance of Information Sharing.\u201d It was good to see that the committee\u2019s first hearing of the 114th Congress focuses on cybersecurity issues generally, and information sharing in particular, and I\u2019d like […]<\/p>\n","protected":false},"author":61,"featured_media":27303,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3659],"topic":[3674,3675],"products":[3854,3720],"threat-intelligence":[],"tags":[3753,3772,3822],"coauthors":[2736],"class_list":["post-27273","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-best-practices","topic-incident-response","topic-information-protection-and-governance","products-microsoft-incident-response","products-microsoft-security-experts","tag-cybersecurity-policy","tag-government","tag-microsoft-security-insights"],"yoast_head":"\nThe Importance of Effective Information Sharing | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Importance of Effective Information Sharing | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"This week, I testified before the\u00a0U.S. Senate Committee on Homeland Security and Governmental Affairs at a hearing on \u201cProtecting America from Cyber Attacks: the Importance of Information Sharing.\u201d It was good to see that the committee\u2019s first hearing of the 114th Congress focuses on cybersecurity issues generally, and information sharing in particular, and I\u2019d like […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2015-01-29T18:40:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-23T16:50:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"851\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Scott Charney\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Scott Charney\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/scott-charney\/\",\"@type\":\"Person\",\"@name\":\"Scott Charney\"}],\"headline\":\"The Importance of Effective Information Sharing\",\"datePublished\":\"2015-01-29T18:40:01+00:00\",\"dateModified\":\"2023-06-23T16:50:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\"},\"wordCount\":676,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg\",\"keywords\":[\"Cybersecurity policy\",\"Government\",\"Microsoft Security Insights\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\",\"name\":\"The Importance of Effective Information Sharing | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg\",\"datePublished\":\"2015-01-29T18:40:01+00:00\",\"dateModified\":\"2023-06-23T16:50:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg\",\"width\":1280,\"height\":851,\"caption\":\"SCharney6 012815\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Importance of Effective Information Sharing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Importance of Effective Information Sharing | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/","og_locale":"en_US","og_type":"article","og_title":"The Importance of Effective Information Sharing | Microsoft Security Blog","og_description":"This week, I testified before the\u00a0U.S. Senate Committee on Homeland Security and Governmental Affairs at a hearing on \u201cProtecting America from Cyber Attacks: the Importance of Information Sharing.\u201d It was good to see that the committee\u2019s first hearing of the 114th Congress focuses on cybersecurity issues generally, and information sharing in particular, and I\u2019d like […]","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/","og_site_name":"Microsoft Security Blog","article_published_time":"2015-01-29T18:40:01+00:00","article_modified_time":"2023-06-23T16:50:18+00:00","og_image":[{"width":1280,"height":851,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg","type":"image\/jpeg"}],"author":"Scott Charney","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Scott Charney","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/scott-charney\/","@type":"Person","@name":"Scott Charney"}],"headline":"The Importance of Effective Information Sharing","datePublished":"2015-01-29T18:40:01+00:00","dateModified":"2023-06-23T16:50:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/"},"wordCount":676,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg","keywords":["Cybersecurity policy","Government","Microsoft Security Insights"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/","name":"The Importance of Effective Information Sharing | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg","datePublished":"2015-01-29T18:40:01+00:00","dateModified":"2023-06-23T16:50:18+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2015\/01\/SCharney6-012815-e1422556287490.jpg","width":1280,"height":851,"caption":"SCharney6 012815"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/01\/29\/info-sharing-testimony\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"The Importance of Effective Information Sharing"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/27273"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=27273"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/27273\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/27303"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=27273"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=27273"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=27273"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=27273"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=27273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=27273"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=27273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}