According to the US Cyberspace Solarium Commission report that came in March this year, there is an immediate requirement of securing the cybersecurity sector of the country for better prevention of the private companies and corporates. It highlights 70 critical guidelines that every C-Suite executive should follow to defend the cybersecurity measures. According to Dark Reading, "for the US public sector, the major threats are attacks on elections and other democratic institutions, espionage against both the military and its suppliers, targeting civilian agencies for surveillance, and US leadership in crucial technology R & D according to the commission."
It also says, "primary threats against the US private sector are cybercrime and malware, intellectual property theft, and risks to critical infrastructure. To protect against both public and private threats, the report proposes a three-level defense-in-depth encompassing six pillars of action." In the report, the essential guideline, according to the cybersecurity experts is, the enabling of information sharing among the cybersecurity experts that will help them protect organizations more efficiently. It will also allow experts to counter emerging cybersecurity challenges.
Another important highlight in the report is, coming up with more "robust cybersecurity policies and standards" to build a safer cyberspace infrastructure for different organizations. The report also highlights an important point, saying that allowing "information sharing" is a plus as it will help to develop better cybersecurity norms and collect common knowledge about critical areas and vulnerabilities. The gathered information will then allow the intelligence authorities to come up with countermeasures to these threats.
According to few cybersecurity experts, "information sharing" is the most helpful tool to find a cyber threat, vulnerability, or a cyberattack that is most likely to target sectors like healthcare, banking, government, and critical infrastructures. Currently, however, the cybersecurity norms and measures against cyberattacks are too weak and ineffective. Research and surveys on information gathering won't be enough to prevent data breaches and data exposure. There is a higher risk of sharing data of your organization's vulnerabilities, private info, consumer info, and other essential details compared to sharing critical penetrations.