The US and Israel and due to announce a bilateral threat sharing programme involving co-operation between the two allies' Computer Emergency Response Teams.
The agreement, due to be signed on Tuesday, was trailed in respective conference speeches by Alejandro Mayorkas, deputy secretary of US Homeland Security and Dr Eviatar Matania, head of the Israel National Cyber Directorate.
The exchange will involve the sharing of vulnerabilities, attacks and (importantly) mitigation strategies in “near real time”.
“Not everything we gather will be propagated but the screening will be automatic,” said Dr Matania. Data shared will be anonymised so as not to reveal the identity of a company under attack and filtered for relevancy.
All this will be done automatically without human review and will help to tackle threats.
Information sharing between private sector companies and the US government is a hugely contentious issue, resulting in repeated legislative delays before the passage of the Cybersecurity Information Sharing Act last December.
Many in Silicon Valley don’t trust the government to keep sensitive data secure, particularly in the wake of the OPM hack, which spilled the private information of million of government employees. Privacy advocates opposed the bill as a facilitator of yet more indiscriminate mass snooping (surveillance).
Israel has a completely different political and business culture to the US so this sort of thing is hardly controversial. “Companies, sectors and countries need to share information,” according to Dr Matania, who added that the US is a “natural ally”.
Although the idea of active defence or hacking back against security attackers is coming into vogue at least in the US, the Israeli government is opposed to it. “We can’t let private companies do something that’s the role of the state,” according to Dr Matania, who added that to proceed otherwise would cause “chaos”.
“Companies should limit themselves to securing their own networks and running honeypots,” he added.
Quite a few people view the security scene on the inter webs as already chaotic, thanks in no small part to the activities of the intel agencies of nation states. During his speech, Dr Matania articulated a strategy of “changing the unbalanced equation between attackers and defenders” in cybersecurity, a worthy but problematic ambition.
Quizzed by El Reg on this point, Dr Matania acknowledged this was a difficult mission. He suggestion that automatic detection tolls can change how developers work and minimise coding mistakes. ®