Information sharing and accelerating response times in the face of crises
By Harold Byun, VP Products | April 2, 2020
In October 2019, the Center for Strategic and International Studies (CSIS) ran three simulated scenarios to map how nations, organizations and economies would respond in the face of a global crisis. The three scenarios were a nation state cyber attack and disinformation campaign against the U.S., a foreign military implementation of artificial intelligence, and a global pandemic of a highly transmissible coronavirus. The effort was aimed to inform policy makers of methods that could improve prevention and response, and highlight gaps or hindrances that could weaken our ability to respond to such a crisis.
Two of the major insights gathered from the scenario were that communication and cooperation across nation states, disparate parties and stakeholders were a critical factor in improving response. While that may seem like an obvious statement, especially in hindsight, it highlights a parallel between distinctly different types of crises and the need to accelerate detection and the dissemination of critical information. It also brings to light questions around why information is often not shared, and what can be done to make it easier.
One could broadly categorize the challenges in information sharing into two buckets. The first being an “unwillingness” to share information. Without casting judgment, this unwillingness may be rooted in several of the following reasons:
– a desire to hide information
– a desire to hide attribution and sourcing of the information
– competitive advantage in an industry or between nations
– general distrust of other entities who may access such information
– a desire to hide weaknesses to external parties
For example, in the security industry, as it relates to threat intelligence sharing, there’s a saying: “everyone consumes, but nobody participates” meaning everyone wants the benefit of easily confirming a threat, but are unwilling to share their own information.
The second challenge in information sharing can be generally categorized as bureaucracy from an oversimplified perspective. Bureaucracy that impedes data sharing can be associated with some of the following impediments:
– regulations governing storage, transmission and residency of data
– performing legal reviews and establishing agreements between multiple sharing parties
– security concerns over data access and handling
– lack of infrastructure to facilitate a common data repository
Within the context of the COVID-19 crisis, the need for sharing information and the lack of sharing in many scenarios has become evident to much of the world. Simply put, faster analysis and faster detection results in better prevention and containment.
Within the context of cybersecurity, the same principles apply — time to detect, confirmation of an incident, and time to contain have been longstanding metrics in the infosec industry to drive faster containment and eradication of a threat. In fact, several industry-specific information sharing and analytics centers (ISACs) and organizations (ISAOs) exist primarily for this purpose.
The challenge in all of these crisis scenarios remains how to communicate and cooperate at faster speed across multiple stakeholders. There are data sharing capabilities available right now that leverage privacy preserving analytics to facilitate anonymized and secure “sharing” of information.
The methods bypass bureaucracy by not revealing any private information and help eliminate many of the concerns that make data owners unwilling to share their information more broadly. As a result, these capabilities can help disparate organizations or nations respond more cohesively in the face of large-scale events.
If you believe there is benefit in accelerated response, I would encourage you to learn more about secure data sharing. Detect faster, respond faster across multiple entities. If we’ve learned anything from the above simulation or what’s happening in the real world today, faster detection and cooperation are key and it would be prudent to prepare for the next wave or event.
Learn more about Secure Data Sharing
Download our White Paper, “Enabling the Safe Sharing of Healthcare Information”
Download our White Paper, “Secure Data Sharing with SMPC”
Register to try our Secure Data Sharing Platform
Interested in finding out for yourself how you can securely share data across multiple organizations? Register for a free trial of our Secure Data Sharing plaform.