The spirit of necessity has taken hold and U.S. Cyber Command, the National Security Agency (NSA) and even the Department of Homeland Security (DHS) along with the office of the Director of National Intelligence (ODNI) are sharing cyber intelligence with critical infrastructure providers and technology companies in the private sector.
Of course this is done on a case by case basis and there clearly needs to be an identified threat and of course a need to know.
Last week information was made public that back in the spring of 2010 Gen. Keith Alexander, Commander of U.S. Cyber Command who also heads NSA, and other high ranking members of government organizations, gave classified briefings to CEOs of leading U.S. technology companies about the current cyber threat situation.
Some have speculated this “scared” them into increased cooperation. But that it is what was necessary given the current level of cyber threats that seems to increasing exponentially.
This is not just a U.S. problem or risk mitigation initiative. It appears that the British Government Communications Headquarters (GCHQ) privately warned Whitehall and high value British business targets in the same general time period.
This is a very delicate and difficult balancing act since some critical infrastructure providers do not have executives nor security staff with active clearances even though that number has been reduced in past years.
This sharing of cyber intelligence could be why many of the top technology companies recently have come out in support of the highly controversial Cyber Intelligence Sharing and Protection Act (CISPA) that is still in the legislative process.
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.