Governance of cybersecurity communities
Understanding threat intelligence sharing as a collective action problem through incentivization of the National Detection Network
X.B. Bouwman (TU Delft - Technology, Policy and Management)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Organizations benefit from improved cybersecurity threat detection capabilities if they share information in a community of their peers. However, organizations are unlikely to share the sensitive information that is most valuable as this poses individual risks. Information sharing in cybersecurity communities therefore forms a collective action problem. Currently, cybersecurity information sharing is being studied primarily as a technological challenge. Drawing on theory from economics and the social sciences, this study proposes governance requirements to overcome individual interests and improve information sharing. These are used to design a governance structure for the case of the National Detection Network, a cybersecurity community initiated by the government of the Netherlands. The proposed governance meets interests of parties through a process of interactive decision-making in four phases, while incentivizing sharing of cybersecurity information. Lessons are drawn from the case for cybersecurity communities in general.