By Dain Oh, The Readable
In February 2021, I was a journalist for a daily newspaper who was starved for a scoop and prowled the technology jungle, devouring tips that would lead me to write big stories. One normal day while talking to my source, it caught my complete attention when the source mentioned that the National Intelligence Service was planning to share its information with the private sector.
The information that the source referred to was something that the cybersecurity industry had been wanting for decades. I broke into a cold sweat, pretending not to be surprised by the news. After we parted ways, I started doing my homework, studying what the information sharing meant in cybersecurity. My work turned into the front-page top article with direct quotes from the third deputy director of the NIS, the highest-ranking official who was in charge of the matter.
Information sharing sounds quite mundane. However, it has become one of the most important terms in cybersecurity for the last few years. It is believed to be a powerful, effective countermeasure able to respond to threat actors when the odds are against the defenders. The RSA conference, which took place in June of this year, also acknowledged the significant magnitude of the term.
For example, Avril Haines, the Director of National Intelligence of the United States, urged cybersecurity experts to participate in information sharing, saying “being able to develop the mechanisms that allow you to [provide information to partners] in real time is absolutely crucial.” If defenders can collaborate with each other, leveraging shared information, such as indicators of compromise, the chances of the bad guys winning will be dramatically reduced.
For this reason, the National Security Agency of the United States and the Government Communications Headquarters of the United Kingdom have been operating cybersecurity collaboration centers to promote collaborations between the private and public sectors. Information sharing is one of the main purposes of the centers. The philosophy behind these centers is rooted in the same conclusion: It is meaningless to make distinctions between the private and public sector or to draw lines between nations while cyberattacks are transnational.
The South Korean intelligence agency has opened its cybersecurity collaboration center on Wednesday. It is expected to raise the national resilience against cyber threats, which are pouring into the country even at this very moment. It took almost two years for the agency to organize and constitute the center, beginning in early 2021, the time that I left a mark on the cybersecurity industry as a journalist. The national cybersecurity collaboration center will encourage transnational collaboration, breaking down silos between security experts. There is a long way ahead to victory, but this historical step will advance proactive responses against the current threat landscape not only for South Korea, but also for other parts of the world.