With its new Cyber Warning and Information Network, the Department of Homeland Security finally may have hit on the right model to ensure that the private sector shares cyberattack information with the feds—by getting information from security providers instead of the victims.
First proposed in 2001 by former cybersecurity czar Richard Clarke, the program provides an information collection and dissemination network for government agencies and private-sector information security companies that clean up after cyberattacks. When a security breach occurs, network members have agreed to report the details to the network (run by DHS), which in turn would alert others that may be at risk via e-mail and a telephone hotline. It all comes at a good time because attacks are on the rise. According to one network member, vendor Internet Security Systems, the number of serious security threats will more than double this year compared with last.
As outlined by the Bush administration, the network differs from previous initiatives in that it doesn’t depend on victims to notify the government of an attack. As such, says Alan Paller, research director with the SANS Institute, it avoids a major shortcoming of earlier efforts at cooperation that relied on companies to volunteer information. Officials, instead, obtain information about security breaches from the security service providers most large companies have on contract. As a model, think of the Centers for Disease Control and Prevention, which collects health information from doctors, rather than patients.
The network is already live, says DHS spokesman David Ray, and was used to exchange information during the Northeast blackouts in August. Right now, says Peter Allor, manager of X-Force Threat Intelligence Services with Internet Security Systems, the government is choosing which vendors get to join—a factor, he says, of the high cost for DHS to connect new members to a private network that is not connected to the Internet.
Unfortunately, because end user companies don’t participate in the service directly, CIOs will be able to benefit from it only if their security providers are members—for now leaving CIOs whose providers are not part of the system out in the cold when a serious attack occurs. Meanwhile, CIOs who have contracts with an approved network member need to make sure that their contracts include language that allows the contractor to report any security breaches that occur.