Last week I had an interesting conversation with another
student in my class about sharing information in the cybersecurity field which led
me to think about how cybersecurity information is shared. If you really think about it, there is a lot
of information out there that suggests we are sharing information. The only downside to the plethora of information
that exists is it makes it difficult to learn about new and emerging threats as
they are discovered because they are spread across many resources. Sure, we can spend our days searching and
reading through resources, but who has time to do that? Wouldn’t it be great if there was a one stop
shop we could all go to learn and share information about new and emerging
cybersecurity threats?
Apparently I am not the only that has thought about
this. Efforts within our government are
on the way to develop and enact a cybersecurity bill that calls for the creation
of a system for sharing cybersecurity information as it is discovered between
public and private entities. The
proposed bill is called the Cybersecurity Information Sharing Act and is very
close to being enacted. Finally, a one
stop shop for us to utilize to learn about new and emerging cybersecurity
threats before we learn about them the hard way; when they strike our
organization.
Unfortunately, there is one major concern with the proposed
bill. That major concern is
privacy. Some believe the bill will jeopardize
our right to privacy since the information sharing system would open a backdoor
for companies to legally share their users’ private data (Greenberg,
2015). This is a major concern we are
all too familiar with after the big fiasco with the NSA breaking privacy rules
in the past. Do we really want to go
through something like that again?
In order to defend against cyber threats we are going to
have to figure out how to share cyber threat information and intelligence
without jeopardizing peoples’ right to privacy.
The Cybersecurity Information Sharing Act seems to be heading in the
right direction, but in its current state may threaten our right to privacy. Hopefully revisions to the bill will be made before
it is enacted and then we can use it to help us fight the battle against
cybercrime without infringing on our privacy.
References
Greenberg, A. (2015, April 22). House passes cybersecurity
bill despite privacy protests. Retrieved May 10, 2015, from
http://www.wired.com/2015/04/house-passes-cybersecurity-bill-despite-privacy-protests/
No comments:
Post a Comment