Government and private sector must share intelligence more effectively to avoid cyber threats

Over half of information security professional leads say IT departments are not prepared for potential security risks

Two-thirds of security information leads believe the lack of information sharing between public and private sectors is a cause for concern and only 4.8 percent would choose the government as their most trusted source for intelligence, a study has revealed.

In March 2013, the government launched the Cyber Security Information Sharing Partnership (CISP) to enable government and industry to share information on cyber threats in real time. Around 300 companies across a range of sectors were exchanging data via CISP as of February.

Out of 1,149 respondents, 67.6% say that intelligence is not shared effectively between the two parties - a critical indictment of the relationship between the government and the information security industry.

"This is something that needs to be addressed urgently," said Brian Honan, founder and CEO of BH Consulting.

"Without better collaboration between industry and governments we are at a disadvantage against our adversaries. As threats and the capabilities of those looking to breach our systems evolve we need to jointly respond better in how we proactively deal with the threat. We need industry and government to work together in ensuring a strategic approach is taken to enabling companies and citizens to be more aware of the threats to their data, to educate them in how to deal with the threat, and finally how to work together at national and international level to tackle the threats we face."

Infosecurity Europe's report also confirms the expansion of big data's effect on security within the business, with 18.6 percent of all survey respondents saying there is simply too much data to draw conclusions from and 42.6 percent reporting that the deluge of intelligence hinders the protection of information.

Although just over half of information leads surveyed believed the industry is coping with the ever-expanding data banks, 30.5 percent feel their organisation cannot make effective strategic decisions due to data growth. Just under half of respondents felt their department was suffering from 'short termism', and leaping from threat to threat.

Chief Information Security Officer (CISO) at Elvesier, David Cass, said: "The way information security is perceived is changing and events such as the Edward Snowden affair have taught both government and industry several valuable lessons.

"Threats to security and privacy occur from outside and inside organisations. The complexity of today's threat landscape is beyond the capability of any one company or country to successfully counter on their own. Experience shows there's clearly more work to be done until businesses understand the importance of information security to long-term strategy. This challenge, combined with the groundswell of data, supports the need for immediate change. Part of this change requires better sharing of information between government and industry."

Further, 58.9 percent of the 1,149 of respondents to Infosecurity Europe's survey, believe their IT department does not exert enough pressure on IT strategies to avoid infrastructure weaknesses and potential security risks.

The Infosecurity Europe Industry Survey: Security as a business enabler quizzed 1,149 Information security professionals across the private and public sectors within the UK and internationally. Over half of respondents were in the UK and 93 percent of all respondents were male.

Join the CSO newsletter!

Error: Please check your email address.

Tags infrastructuresecurity

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Margi Murphy

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts