Authors: Matthew H. Fleming, Eric Goldstein, John K Roman
DOI: 10.2139/SSRN.2418357
Keywords:
Abstract: The Department of Homeland Security (DHS) facilitates cybersecurity information sharing among federal government departments and agencies critical infrastructure owners operators to promote their security. Information is deemed importance accomplish the department’s mission; indeed, one central planks Executive Order 13636: Improving Critical Infrastructure Cybersecurity, which calls for greater between — not least DHS private sector. But while in intuitive that relevant, timely, accurate should help cyber defenders reduce vulnerabilities mitigate threats impact has been empirically assessed. lack empirical support raises two notable issues. First, information-sharing partners, particularly those sector, are sometimes reluctant participate government-sponsored initiatives because concerns about liability, resource costs, return on investment. Absent demonstration value efforts, may be unable better incentivize participation. Second, efforts may, a variety reasons, ineffective (not due participation or dissemination irrelevant information). Without assessing relationship number severity (i.e., consequences) incidents, identify improve poorly performing efforts. A previous Studies Analysis Institute (HSSAI) study recommended suite metrics measure various relevant inputs, processes, outputs, outcomes (Fleming Goldstein 2012). It did not, however, seek suggest ways test hypothesis reduces incidents (it was assumed do so, per guidance). Accordingly, building HSSAI research, present paper sets forth views use dependent variable (some incidents), primary independent sharing), control variables, model specifications.