As the throes of data breaches, advanced persistent attacks and denial-of-service attacks are reported daily and hashed inside and out, another phenomenon, a much more welcome and essential one, is also taking place in the cyber realm: international cyber collaboration.
On January 16th, President Obama and U.K. Prime Minister David Cameron announced broader and deeper cybersecurity collaboration, including a new joint cyber cell with an operating presence in each country. The cell will focus on specific cyber defense topics and will increase and expedite the sharing of cyber threat information and data.
Per the White House: “President Obama and Prime Minister Cameron have both made clear that domestic cybersecurity requires cooperation between governments and the private sector. Both leaders additionally recognized that the inherently international nature of cyber threats requires that governments around the world work together to confront those threats.”
Let’s be clear: there is not, and there cannot be, any domestic cybersecurity in any nation without a very large component of international collaboration on every level, including government, private sector, and academia.
While private citizens such as myself are certainly not privy to law enforcement collaboration and cooperation between the United States, Europol, Interpol and other foreign police forces, we know some collaboration certainly goes on. Yet, I can’t help wonder why we don’t hear more frequently about the United States seeking and deepening international cyber collaboration.
Trust is certainly one issue that challenges global cyber collaboration. Yet while there are justifiable concerns about sharing too much and tipping off the bad guys through leaks or downright treachery on the part of supposed partners, keeping one’s friends close is good, but keeping one’s enemies (or at least suspect friends) even closer is wiser.
Laws and regulations in various countries regarding privacy, self-interest, and more may often be at odds with collaboration. But there is movement towards global cyber collaboration.
That’s why I was gratified to hear about J-CAT, or more formally, the Cybercrime Action Taskforce, based at the European Cybercrime Centre (EC3) at Europol in The Hague. Launched Sept. 1, 2014, J-CAT’s debut didn’t get as much digital ink on this side of the pond as it did in Europe, but J-CAT is exactly what is needed in the amorphous world of Internet-facilitated crime.
J-CAT was founded by Europol’s EC3, the EU Cybercrime Taskforce, the Federal Bureau of Investigation (FBI) and the U.K National Crime Agency. As of the September launch, the United States, Austria, Canada, Germany, France, Italy, the Netherlands, Spain, and the United Kingdom had signed on as partners. Australia and Colombia were also said to have committed to J-CAT. I’m hoping countries from every continent will join; J-CAT needs committed partners in Africa, Asia, Latin America and the Middle East.
A European law enforcement official recently observed (at an event that I attended) that the United States seems to favor bi-lateral agreements more than multi-lateral efforts, but that there was “no need to ‘fix’ that as it seems to work.” It does seem as if we do prefer bi-lateral partnerships. I do hope though, that the United States truly supports and fully participates in J-CAT, which is being piloted for six months. J-CAT is set to have its first evaluation at the end of February 2015. I’m looking forward to the publication of that evaluation, with additional members listed.
Anne La Lena is a guest contributor to the Security Insights blog who has worked in homeland security with a focus on cybersecurity, information sharing, and critical infrastructure protection.