I’ve been saying similar things for years. Information sharing is the most powerful tool we have to fight back with…:
[…] We need to start exporting the weather tracking and reporting model to everything. The goal should be to work towards an international coalition or organization dedicated to sharing cyber intelligence, like the ones we use for weather. But the first step towards that system is for businesses, from engineers to boards, to realize that intel sharing is in their best interest, and in everyone’s.
If this is to be viable for companies and public institutions, governments first need to address the fear of retaliation. Regulators should provide enough wiggle room and not be too quick on the trigger when an attack is reported. Some form of safe harbor or legal immunity should be provided. Otherwise, if companies are punished for sharing intel and breach-related data, there is little to no incentive to actually share that data.