View Page As PDF
Share Button
Tweet Button

There is no doubt that cyber threats are increasing in number and sophistication, and sharing information about these threats, such as incident reports, indicators and threat signatures, is something companies can do to protect their information systems and help prevent attacks.

Industry collaboration can help defray the increasing costs, and reduce the severity and frequency of cyber incidents. Through cyber intelligence sharing, an individual company can benefit by putting itself in a better position to spot and counter trends in cyber attacks and having access to a larger pool of identified bad actors to monitor. After all, there is only so much information one company can gather.

Some industries have already done this. Partly in response to the widely publicized data breaches involving Target and Neiman Marcus, the retail industry developed the Retail Cyber Intelligence Sharing Center (R-CISC). According to their website, the R-CISC "brings retailers together for omni-directional sharing of actionable cyber threat intelligence, and functions as a conduit for retailers to  receive threat information from government entities and other cyber intelligence sources."

But, can competitors safely work together by sharing cyber intelligence without fear of violating antitrust laws? The Department of Justice (DOJ) and Federal Trade Commission (FTC) certainly think so. In April of 2014, the DOJ and FTC issued an "Antitrust Policy Statement on Sharing of Cybersecurity Information." The policy clearly states that the DOJ and FTC "do not believe that antitrust is – or should be – a roadblock to legitimate cybersecurity information sharing." They reiterated that their "primary concern in this context is that the sharing of competitively sensitive information – such as recent, current, and future prices, cost data, or output levels – may facilitate price or other competitive coordination among competitors."

The DOJ and FTC made it clear that cyber threat information is typically technical in nature and covers a limited type of information, and disseminating that information appears unlikely to raise competitive concerns.


COMMENT
+