Good security is everything when it comes to the prosperity of any sector. It does entail physical security and the security of various information in a given sector. Cybercrime is among the most trending security issues of late. The effects of cybercrimes are increasing with the increase in technological advancement. The criminals who do these activities come with different ways of doing their crimes to match the advanced technology or be higher than it. Overcoming Information Sharing Challenges in cyber defense exercises is a journal article written by four scholars. The scholars are Agne Brilingaite, Linas Bukauskas, Ausrius Juozapavicius and Eduardas Kutka. The article was published by Oxford university press on 28th January 2022. The article points to the lack of information sharing among the various cyber defense exercise bodies as the problem in dealing with cybersecurity issues.
The methodology used in the research was a case study method where the scholars used the two cases of the cyber security exercise to determine the attitudes that various specialists have regarding information sharing of the cybercrime issues (Brilingaitė et al., 2022). The research encourages cyber security specialists to collaborate by sharing various information regarding cyber threats on various platforms. When cyber threat information is shared among the specialists, it helps them develop a common solution by the specialists based on the popular information received. To address threats simultaneously in different countries, there has to be timely information upon detecting cybercrime activities.
Among the factors found by the researchers affecting the information sharing activities include not giving full focus on the technical task. This shows that the specialists concentrate on other tasks living out the tasks like those dealing with the reported files and documents. There is also a lack of the diverse skills required in handling shared information. The specialists must have the skills needed to disseminate the received information (Brilingaitė et al., 2022). They need first to understand the information before sharing the information with their fellow specialists. Lack of common vocabulary among the specialists is also another challenge. There is a presumption that every participant in the cyber defense exercise can understand the complex language used by these specialists, which is not the case.
Lack of knowledge on handling the various legal documents about cyber security is another challenge that affects the information sharing activities between the specialists of different countries. In most cases, every country has its procedures. Most of these cyber threat information sharing platforms are also not popular. This means that the specialists may not be aware of them, making it difficult to share various information about threats on those platforms (Brilingaitė et al., 2022). Multi-tasking makes it difficult for those tasked with ensuring that the information is passed. In some cases, various information-sharing channels need to be managed, making them difficult to maintain. Most participants in the cyber defense exercise also do not see the benefits of learning the information-sharing skills since it is considered local skills that may not be helpful at the international levels.
Pros of Authors’ Positions on the Issue
The authors’ positions concerning information sharing are important since, with information sharing on cybercrime activities, one can learn from other people’s mistakes. From these mistakes, they can develop proactive ways to prevent the issue before it reaches them. They can consolidate funds and employ the best team on time to develop methods by which they can make their organization immune to the type of shared cyber threat. Information sharing also allows for collaboration which speeds up the response to such threats (Wickr, 2021). The specialists will be ready on how to handle it, having known that it is a possible occurrence. This will make them also respond with immediate effect when they detect a similar threat to the shared one on their side. Information sharing is also believed to make everyone do their jobs better since they know what they need to do to avoid falling victims to the reported cyber threat activities.
Sharing of information also leads to a reduced cost of cyber security. Once an organization has identified a possible threat, it will do anything to avoid being a victim (Talamantes, 2021). This saves the cost that they could have spent dealing with the actual threat if it occurs. The organization can also strategically use its staff since the staff can be shifted to the points within the organization where they will have more impact on the prevention of the shared threat.
Cons of Authors’ Positions on the Issue
As much as information sharing has advantages, it is also accompanied by some disadvantages which may discourage organizations from its use in the fight against cyber security. Information sharing may expose the company or business to some liabilities through a lack of privacy. When other organizations know some of your weaknesses, they may use them against the organization that shared them to benefit themselves. Customers’ information may also be exposed to threats during information sharing, making this method not to be encouraged to fight cybercrimes (Wickr, 2021). When customer information is exposed, the customer may sue the company, which may give the company serious economic losses. For instance, the company will have to pay some fines given by the court; the company is also likely to lose many customers who may fear a similar case in the future, including the currently affected ones.
This method may also not be effective enough since not all companies may participate. For example, some companies feel that they are too small or have nothing to share with other companies when it comes to cybercrime activities (Audin, 2020). In a real sense, this is not true since every organization, however small it may be, experienced some threats that other big organizations may not have experienced but are also exposed to. Therefore, these organizations not taking part are likely to expose the other ones to the similar threat they experienced but do not say. This makes the method not to be effective enough in fighting cybercrime activities.
Many organizations may also be afraid of admitting their past attacks to other organizations (Wickr, 2021). The fear may be due to embarrassment in that they may feel that they were too weak to have been easily attacked cyber. Being afraid of sharing such kinds of information is another way that exposes the other organizations to the same threat since they may not be aware of such kinds of threats. Sharing data makes the organization lose control of the data and its consent role. Any shared data is likely to leave the organization’s information system. This makes it difficult for these organizations to control how the shared data is used by the parties they share it with. This makes many organizations not freely share information relating to cyber threats.
The use of anonymization has some limits in that the companies that may want to share their threat information through data anonymity still may not do so due to the weaknesses. The level of data analysis has increased. Even if data anonymity is to be used by the organization sharing the information, the shared information can still be analyzed, and the data is linked to someone (Audin, 2020). When the data are linked to the exact person, they can be negatively used to bring harm to the owner of the information acquired. This makes many organizations not share their data or threat information with other organizations for fear of being negatively used, making the method ineffective in dealing with cybercrime.
Recommendations
Instead of using information sharing to deal with cybercrime activities, I would recommend using other methods that do not expose the organizations to other threats. Organizations can use proactive methods such as backing up the data (Fintech Crimes Team, 2020). When data is backed up in safe servers or clouds, it becomes difficult to lose them and be accessed by any other unauthorized person. Organizations should ensure that they choose reputable companies that help them back up their data. Organizations can also install anti-malware or virus software. Some cyberthreats occur through this malware. Having antivirus will therefore reduce the chances of cybercrime that occur due to malware.
Organizations should also be smart with their passwords. They should ensure that they put passwords in every part of their devices where sensitive information is stored. The passwords should be strong with many characters that cannot easily be cracked (Fintech Crimes Team, 2020). The passwords may also be accompanied by biometric information such as fingerprints to make it difficult to crack. Passwords limit unauthorized personnel from accessing sensitive information that may be used against the organization. The organizations should also, at all costs, ensure that they avoid phishers. They should train their employees to ignore any links or emails that can be sent to the organization’s devices. These phishing links, when logged into, always lead to the extraction of the organization’s data which may be used by the criminals to harm the organization.
Nowadays, organizations depend on mobile phones for communication activities; they are easy spots for cybercrime activities. Therefore, organizations should ensure that they protect their smartphones, which can be used to access their information (Huber, 2019). They should not use wifi hotspots whose sources are unknown since this can also be used to extract information from the organization. The organizations should also ensure that they train their staff on the issues of cybercrime activities. They should have a basic knowledge of handling cybercrime activities. When employees are equipped with the basic required knowledge to handle cyber activities, it becomes easy to handle them whenever they occur.
In conclusion, information sharing is a good way to solve cybercrime activities, but various disadvantages also accompany it. Organizations should therefore switch to other methods of cybercrime security. For example, organizations can use passwords, train their employees, safeguard their smartphones, avoid using unknown Wi-Fi hotspots, etc. These types of precautions have no or little disadvantages and would therefore be preferred to use information-sharing methods.
References
Audin, G. (2020). Information sharing: Smart move? No Jitter. https://www.nojitter.com/security/information-sharing-smart-move
Brilingaitė, A., Bukauskas, L., Juozapavičius, A., & Kutka, E. (2022). Overcoming information-sharing challenges in cyber defence exercises. Journal of cybersecurity, 8(1), tyac001.
Fintech Crimes Team. (2020). Top 10 ways to prevent cybercrime. Fintech Crimes. https://fintechcrimes.com/top-10-ways-to-prevent-cyber-crime/
Huber, N. (2019). Top tips for preventing cybercrime. https://www.accaglobal.com/gb/en/member/discover/cpd-articles/business-management/cybercrimejul-cpd.html
Talamantes, J. (2021). Why is intelligence sharing important in cyber security? https://www.redteamsecure.com/blog/why-is-intelligence-sharing-important-in-cyber-security
Wickr. (2021). The pros and cons of threat information sharing. https://wickr.com/the-pros-and-cons-of-threat-information-sharing/