BCLT Open Data Symposium April 17, 2015

Public Cybersecurity: Is there a role for open government data?Deirdre Mulligan | Elaine Sedenberg UC Berkeley School of Information

Cybersecurity = Public Good

2

Individual vs. Collective

3

Goals of Public Cybersecurity

✤ Prompt the production of cybersecurity!✤ Focused on socio-technical system as a whole!

✤ Manage the remaining insecurity!✤ Reach political agreement !

✤ Definition of cybersecurity!✤ Framework to balance individual rights and

public welfare

4

Information as a Means

✤ Prevention Orientation (Reducing Vulnerabilities):!✤ Improving artifacts; education; community

empowerment; policy development!✤ Important to understand how things work in the

wild (machines, networks, people)!✤ Response Orientation (Managing Insecurity):!

✤ Detection; identification; containment; treatment!✤ Monitoring and analyses enable response

5

Public Health Functions Steering Committee, July 1995

Essential Public Health Services

6

Public Health: Role of information in achieving goals

Education, prevention, surveillance, and containment fueled by Information, and ongoing research that depends on data!

Information used by diverse and distributed players, essential to sustain and coordinate action!

Lots of variations in form of information collection and sharing!

Ongoing tensions between risks of broad accessibility, and need for accurate and complete data on population!

Delicate balances throughout complicated information ecosystem!7

Public Cybersecurity: Role of information in achieving goals

✤ What role can information sharing and data availability play in advancing public cybersecurity goals?!

✤ Underscores importance of clarifying goals!

✤ Specifically interested in the unique role open data may play

8

Views on Cyber Info Sharing

✤ White House: Sharing risks and incidents in order to foster real-time response collaboration; voluntary organization and encourages partnership with Federal Gov’t. (EO 2/13/15 “Promoting Private Sector Cybersecurity Information Sharing”)

Mechanisms for sharing classified information for critical infrastructure (EO 12829) !

✤ Congress: Sharing of information by Federal Gov’t; sharing of cyber threat indicators and defense measures with Federal Gov’t; oversight; assessment of current Federal capabilities and threats (CISA 2015)!

✤ Civil Liberties Advocates: Concerns about users’ privacy and broad data sharing provisions outside of cybersecurity purposes!

✤ Private Sector: Concerns over discoverability; liability; competitiveness 9

Historic Example of Public Health Information Sharing!

1854 Cholera Outbreak in London

10

11

12

13

Relevance to current data sharing in cybersecurity

✤ Security research sometimes resembles “shoe-leather” epidemiology!

✤ Ad-hoc, independent gathering of data in response to incidents!

✤ Burden on independent actors to convince public officials!

✤ Public data limited and episodic; private entities often hold the data

14

Problems in current cyber info sharing

✤ Permissions and access dictated by data owners!

✤ Inconsistent data sources; often stale; fits narrow research needs!

✤ Incompatible data formats and timescales!

✤ Unclear privacy implications15

Present Examples of Public Health Information Sharing!

PulseNet & multidrug resistant Shigella | HIV Indicators & Data Systems

16

17

18

✤ Systems address different goals: detection of known and unknown threats; tracking chronic conditions; understanding broader context!

✤ CDC and community role in coordinating information sharing and data stewardship!

✤ Not all data held by government; different levels of openness!

✤ Further responsibilities to inform public, educate, and formulate responses & interventions

Public Health Data Practices

19

Potential Benefits of Open Data for Cybersecurity

✤ Shapes communities of practice and engages “non-experts”!

✤ Government data consistent/accessible/balances risks and benefits/existing platforms!

✤ Opportunity for transparency in data surveillance systems!

✤ Level playing field for small organizations

20

Research Contributions

✤ 1) Information Sharing within the context of public cybersecurity is a means to an end, so goals need to be clearly defined!

✤ 2) Options for sharing data: different parties, different data, & degrees of openness!

✤ 3) Within public health, open data has advanced specific goals and outcomes in addition to fueling research that has indirectly benefited public health 21