When a convenience store is robbed, the clerk calls the cops, gives a description of the crooks, and the cops go on the hunt. If the information and the police work are good enough, the cops will catch the perpetrators before another convenience store gets hit. That\u2019s the way law enforcement works.So why doesn\u2019t this kind of information sharing happen when it comes to computer crime?Fear. Executives are afraid they\u2019ll:Become a target. If they say they\u2019ve been hacked or have concerns of being hacked, they show their vulnerability. Like a wounded cub on the Serengeti Plain, the hyenas will move in to finish them off.Become a challenge. If, on the other hand, they say their systems are secure, it\u2019s like throwing down the gauntlet to hackers. "Either way, it [sets] us up as a target and a challenge for hackers," says an anonymous CIO in "Conspiracy of Silence," beginning on Page 92.Damage confidence (and revenue and valuation). If news leaks out to customers, it could hurt their confidence in the company. Investors might downgrade the company\u2019s stock. Even sharing the information within the inner circle could trigger a negative reaction among shareholders.These are serious concerns. But letting them drive behavior may be giving the bad guys the upper hand."Hackers share information," said computer crime fighter Gail Thackeray at a CIO Perspectives Conference in October 2000. "We don\u2019t. We need to share information between industry and law enforcement." Bruce Schneier, author of Secrets & Lies: Digital Security in a Networked World, agrees. "We need to publicly understand why systems fail. Secrecy only aids the attackers."Until corporations start sharing information with each other and with law enforcement about what\u2019s actually going on, the bad guys will keep the upper hand. And I\u2019ve got news for you: The real bad guys haven\u2019t even arrived on the scene yet.The recent move by Microsoft, Oracle, Cisco and others to form a security coalition is a promising step in the right direction, following the lead of three other industries (banking, telecom and electric) to share information within their community. But these coalitions are under no obligation to share information with law enforcement (and vice versa), and there are no early signs that they\u2019ll be inclined to do so.The FBI has plans of its own, rolling out its Infragard intrusion alert program on a national level (for more on this, see Martha Heller\u2019s Sound Off column at comment.cio.com\/sound.cfm?ID=85).Industry-only information sharing is fine if all you want to do is shore up your defenses. But once the real criminals and terrorists start working the Internet in an organized way (and it won\u2019t be long), don\u2019t you think you\u2019ll want to have the crime fighters in the loop? Let me know at firstname.lastname@example.org.