The Foundations of the Information Sharing Ecosystem

Last Friday, the ISAO SO reached an important milestone when it published four initial voluntary guideline documents aimed at improving the nation’s cybersecurity posture. These documents are the building blocks of a much larger movement, as they demonstrate how collaboration is needed to address the cybersecurity threat while providing a path forward.

So how did we get here? The collaboration and input of the tremendous team of experts that have contributed to the working groups is a testament to the benefits of working together. Information sharing is a key component of a robust and resilient cybersecurity strategy. Organizations on their own simply cannot see the full breadth of the risks they face within cybersecurity. While information sharing is only part of the arsenal of capabilities needed, without collaboration we cannot succeed. The cybersecurity threats to our nation and the global economy require the sharing of information in ways that Information Sharing and Analysis Organizations will be well-suited to accomplish.

ISAO 100-1 and ISAO 100-2 are the literal foundations of the information sharing ecosystem. These documents—Introduction to Information Sharing and Analysis Organizations and Guidelines for Establishing an Information Sharing and Analysis Organization—are critical to providing new and emerging ISAOs with the tools needed to succeed. With so much ground to cover to fully explore how ISAOs can enable effective information sharing, it was critical for the working group members to focus on discussing key introductory topics and considerations through the development of these documents.

The primary focus of ISAO 100-1 is to provide an introductory look at Information Sharing and Analysis Organizations. The goal of ISAOs is to create a deeper and broader network of information sharing to elevate the security of those entities participating in ISAOs first, and then, in aggregate, improve the security of the nation. The establishment of ISAOs allows communities of interest to share cyber threat information with each other in a safe and trusted environment, on a voluntary basis. With the combined expertise and support of the ISAO, participants can then collectively analyze the shared information to identify the most significant threats, effective mitigation strategies, and guidance on how to best prioritize efforts to improve protection, detection, response and recovery.

ISAO 100-2 addresses the application of these introductory topics and provides a set of key strategic planning factors to help emerging ISAOs consider the most critical questions. Beginning with establishing trust, a fundamental requirement to the success of the ISAO, ISAO 100-2 addresses a series of key operational considerations and factors for information sharing within an ISAO. It serves as an indispensable guide for the initial steps needed to create an active and effective ISAO.

These documents have been created with the collective wisdom of industry professionals that have a rich history with the information sharing ecosystem. They have already been downloaded and distributed to new, emerging and existing information sharing organizations. As the leader of a sharing organization that formed almost two years ago, I can say that the considerations provided by these initial guidelines will be extremely helpful in supporting the success of forming ISAOs, and the continued work of the ISAO SO will be pivotal in the continued growth and development of the cybersecurity information sharing ecosystem.