The Business Case for Cyber Threat Information Sharing

By Jesse Ward, Director, Industry and Policy Analysis, NTCA

In partnership with the Department of Homeland Security (DHS) and the National Institute for Hometown Security (NIHS), NTCA recently announced that it is exploring the creation of a new Cyber-Threat Information Sharing Forum for Small Network Operators. 

NTCA’s new cybersecurity pilot project will create a central, trusted environment to enable small network operators to share and receive information about cyber threats, vulnerabilities, best practices and/or mitigation activities. 

Indeed, a critical input into every organization’s cyber risk management plan is access to timely and actionable threat intelligence. Threats and attacks are constantly changing; in order to successfully protect and defend networks and assets, organizations need to understand the current threat environment. 
While participating in cyber-threat information sharing forums cannot guarantee that an organization will not experience a breach, experience shows that sharing information increases the ability to more effectively manage cyber-based risks. It also provides participants with the following core advantages:  

  • Industry Leadership: Active, voluntary engagement demonstrates the telecom industry’s commitment to cybersecurity. In an era of interconnected networks with increased focus by policymakers and regulators on cybersecurity, active engagement in information sharing forums demonstrates a corporate commitment to the security of your customers, business enterprise and the larger community. 
  • Access to Threat Information: Threat actors often use similar techniques to attack multiple companies across various industries. Information sharing forums provide access to reliable, high-quality threat intelligence – indicators of compromise, threat analysis and incident reports, to name a few categories – information that can help protect customers and businesses alike. By collaborating with others, small network operators will better understand the threats to their organizations and how to mitigate them.  
  • Enhanced Analysis: Engagement with the an information sharing forum provides participants with access to analysts from companies who are seeing the same threats and challenges. Those analysts can help identify and mitigate attacks, and share defensive practices and countermeasures. This collaboration exponentially increases access to talent beyond what is possible alone. 
  • Collective Defense: Participation in information sharing forums increases the overall security of the community since the information shared is used by others to protect their systems.  Further, those who benefit from information they receive become more likely to share with the community, creating a circular benefits cycle.   
  • Central Repository: Information sharing forums also provide a central repository to share and receive external threat intelligence, connecting smaller companies with the larger public and private network of cyber forums. 

While the concept of voluntarily sharing cyber information is still evolving and gaining traction among smaller network operators, it is a common practice for larger critical infrastructure providers to participate in robust information-sharing forums. However, small network service providers are hamstrung by resource limitations; often they do not have the time or resources to participate in a variety of cyber info sharing forums, and then analyze and assimilate a large amount of information to their unique operating environments. And currently, no existing, central cyber info-sharing venue focuses upon and thus meets the capabilities and needs of small telecommunications operators. 

NTCA is proud to be supporting a pilot program that seeks to address these gaps by facilitating the bi-directional sharing of cyber-threat information sharing among small, rural broadband providers. 

The pilot will enable participants to tap into intelligence from a variety of public and private sources. It will allow small operators to collaborate with and learn from their peers. And ultimately, it will provide the association with much-needed feedback and ideas for the future.

Through this pilot program, NTCA aims to lay the foundation for a sustained information-sharing capability that can assist members to more effectively manage cyber-based risks. 

To kick off the project, NTCA conducted a video webinar and issued a call for volunteers in April. Subsequently, 44 facilities-based, small network operators agreed to participate in the pilot project, which will take place this summer. Through this project NTCA looks forward to further exploring the concept of a unique, cyber-threat information sharing forum right-sized for small network operators – and sharing additional updates and lessons learned with the broader membership later in 2019.