Sharing is Caring: Collaborative Analysis and Real-time Enquiry for Security Analytics

For decades it has been acknowledged that sharing security information and collaboration between security practitioners are a necessity. Yet, effective sharing and collaboration are rare. A gamut of legislative acts, executive orders, academic works, and private sector initiatives have discussed aspects of the problem and aimed to be the catalyst needed to fix the situation. But almost 30 years since these efforts started, the state of sharing and collaboration is still technically complicated, slow, untrusted, and impeded by bureaucratic woes. This work identifies the challenges of sharing security artifacts and uses real-world examples to illustrate our findings. Based on this knowledge, we propose a new model for sharing and collaboration, CARE. The CARE architecture eases many of the privacy, secrecy, lineage, and structure issues that plague current sharing communities and platforms. We then build upon this foundation to introduce a marketplace based on smart contracts with transactional privacy over a distributed blockchain. Therefore, CARE incentivizes sharing, combats free riding, and provides an immutable ledger for the attribution of events. This paradigm shift, overcomes the challenges of sharing while providing new opportunities for business models, insurance risk assessments, and government backed incentivisation.