Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard

Author:Rick Howard [Howard, Rick]
Language: eng
Format: epub
ISBN: 9781394173099
Published: 2023-05-02T00:00:00+00:00

The First ISAOs Arguably, the FBI founded the first ISAO in 1996, although the community wouldn't have a name for it until two decades later. They called it the InfraGard National Members Alliance, or InfraGard National, and designed it to facilitate information sharing between law enforcement and the private sector.69 InfraGard isn't a CERT, although it does some of the same things a CERT does, and it isn't an ISAC because it doesn't service one of the U.S. government's critical infrastructure sectors. It's a different thing. The FBI was way ahead of its time in establishing InfraGard by realizing that other communities of like‐minded people might want to share intelligence on their communal set of existential threats, in this case cybercrime.

In the early days, and even still today, one of the recurring stumbling blocks in the information sharing space is the fear that the act of sharing any information about cyberattacks would come back to bite the sharing member in the form of lawsuits. Lawyers from victim organizations worry that their name would become public knowledge and subject the brand to customer lawsuits from people who thought the organization didn't adequately protect their personal data. These lawyers weighed the risk of those potential lawsuits against the benefit of sharing the information with the community and found it wanting. It wasn't until much later that sharing organizations realized that the intelligence they needed to share didn't involve anything about the victim but should focus on how the adversary traversed the intrusion kill chain to be successful. In other words, share the hacker's TTPs, not the details about what happened to the victim. By sharing that intelligence with the community, everybody could be better protected.

In 2015, U.S. President Obama signed Executive Order 13691 establishing the ISAO framework that made it legal to share information about cybersecurity incidents without fear of prosecution.70 ISAOs are sector‐agnostic and can be any group of like‐minded organizations, like the Cyber Threat Alliance. The Executive Order also established a funding path for an ISAO standards organization. I actually worked as the co‐chair to the Security and Privacy Committee to help get it started. As of this writing, there are just over 90 ISAOs officially registered with the ISAO standards body.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.