| | SEPTEMBER 20189CIOReviewI've come to appreciate the importance of cyber threat sharing during my 20+ years of service with the United States Postal Inspection Service, the federal law enforcement arm of the United States Postal Service. In the early 2000s, I led a team of Postal Inspectors in investigating sophisticated cybercrime schemes operating out of Eastern Europe. One investigation led to the arrest of cyber criminals connected to hundreds of cybercrime attacks.Central to the success of this investigation (documented in Misha Glenny's 2011 book, Dark Market) was a commitment to threat sharing between several public and private sector organizations. Cases like this demonstrate the critical role that proactive and sustained threat sharing plays in limiting the effectiveness of cybercriminals, from amateur hackers sending out phishing emails to nation states engaging in international cyber espionage. As long as companies hoard knowledge of cyber-attacks for fear of public shaming and loss of business, our understanding of the motivations, patterns, and tactics of cybercrime will continue to suffer. Threat sharing allows law enforcement organizations and the companies they protect to approach cybercrime from a holistic perspective. By combining the insights of private companies, dedicated non-profits, and law enforcement, we can piece together a fuller picture of cybercrime and stop cybercriminals before they strike.The Postal Service leverages law enforcement partnerships as a critical component of its overall network security strategy. We exchange cyber threat intelligence with trusted allies across the government, including our colleagues at the Postal Inspection Service and FBI. These relationships allow us to connect seemingly disparate threads and one-off leads into a more comprehensive view of cybercrime in the mailing landscape. These organizations often have knowledge and insights that enhances our understanding of the criminals launching attacks against our network, allowing us to stop would-be intruders and better secure the mail system for the American people. We encourage organizations of all sizes to maintain an open dialogue with law enforcement on the topic of cybersecurity. More often than not, cyber-attacks against a single organization are not isolated incidents. By sharing threat intelligence and reporting successful breaches, organizations empower law enforcement to seek out attackers and eradicate ongoing cybercrime.In addition to working with law enforcement, an organization should take advantage of the resources provided by public-private partnerships in the threat detection space. Foremost among these is the National Cyber-Forensics & Training Alliance (NCFTA), a non-profit cyber threat research and analysis institution based in Pittsburgh, Pennsylvania. NCFTA aggregates threat intelligence data from a range of contributors to identify, mitigate, and neutralize cyber threats. The work of the NCFTA, in partnership with its public and private subject matter experts, has led to the successful prosecution of hundreds of criminals worldwide--a tangible representation of the genuine benefits of cyber threat sharing. The Postal Service also supports efforts by industry-specific forums, like the Financial Services-Information Sharing and Analysis Center (FS-ISAC), to circulate valuable cyber threat information to members of a particular industry. Cybercriminals are increasingly organized, armed with rapidly-evolving technology that threatens to outpace even the most advanced cybersecurity defenses. Experience has shown that organizations are better equipped to detect and mitigate cyber-attacks when threat intelligence is shared with law enforcement organizations and credible research institutions. I encourage your organization to contribute to the cyber threat intelligence community and help us in our efforts to police cybercrime. By sharing threat intelligence and reporting successful breaches, organizations empower law enforcement to seek out attackers and eradicate ongoing cybercrime
< Page 8 | Page 10 >