Skip to content Skip to sidebar Skip to footer
Home Resources Blog Sharing threat intelligence: a critical power in fighting cyber crime

Sharing threat intelligence: a critical power in fighting cyber crime

Sharing threat intelligence: a critical power in fighting cyber crime

At our annual BE-CYBER Experience Sharing event, the Cyber Security Coalition gathered five leading voices for a panel discussion on the question: to share or not to share threat intelligence? This sparked a compelling conversation on the benefits and challenges of stricter regulations aimed at strengthening information sharing, the crucial role of human relationships now and in the future, and Europe’s position as the strictest enforcer. “Throughout this debate, it’s crucial to keep the true purpose of these actions at the forefront.”

The panel, consisting of Miguel De Bruycker (Managing Director General at the Centre for Cybersecurity Belgium), Bart Asnot (National Security Officer at Microsoft Belgium), Ilias Chantzos (Global Privacy Officer and Head of EMEA Government Affairs at Broadcom Inc.), Alex Vandurme (Head of NATO Cyber Security Centre Cyber Hygiene Branch) and Bart Preneel (Professor in KU Leuven’s COSIC research group), was moderated by Sujin Chan Allen (General Counsel at NATO’s NCI Agency).

In a world where a cyberattack occurs every 39 seconds, threat intelligence sharing has never been more urgent. At its core, threat intelligence revolves around one critical question: how can we ensure optimal sharing of cyber threat information and data between all involved stakeholders? “This has been an issue for more than 25 years,” explained Ilias Chantzos, underscoring not only the importance of this process for the industry, but also its role as a driver of progress. “We must share intelligence as effectively as possible, because the ‘dark side’ is continually doing so –  and advancing because of it,” added Bart Preneel.

“Trust and transparency are fundamental: people need to know you and understand what you do. That’s why, in a sector that operates primarily online, in-person connections – for example, through networking events and gatherings – are more important than ever,” continued Miguel De Bruycker.  However, he added that in the realm of threat intelligence sharing, you must accept that those providing information will never disclose everything they know.

Bart Asnot agreed: “The human element is fundamental. We need to learn to understand each other’s language, and together determine how to navigate the existing context and regulations.”

Regulation and complexity go hand in hand 

As the panellists pointed out, while regulations are crucial for setting standards, they also add complexity, especially for smaller businesses. So, how can the right balance be achieved? “One could argue that every new regulation or legislation, whether it’s the GDPR or NIS2, is an attempt to formalise the process of information sharing,” Ilias Chantzos pointed out. “The result is that the organisation’s legal team is now often putting the brakes on information sharing, while technical teams like engineers are eager to share more.”

The downside of increasingly strict laws and initiatives around information-sharing requirements is slower progress in cyber security. “For a small-business-focused country like Belgium, compliance with these laws is an even greater challenge,” noted Bart Asnot. “Moreover, increased obligations undermine a core advantage of the digital world – the ease of cross-border collaboration – often without fully revealing one’s identity. So is it desirable or feasible to completely reverse this logic?” Bart Preneel responded.

The greater good 

This tension resonated with the other panellists. “In my experience, sometimes you simply have to dare to share data, even if not required by regulations. It’s a matter of give and take, where we must always keep the greater good in mind. Ultimately, it’s about risk management,” Alex Vandurme added, highlighting the growing complexity surrounding information sharing. “Technological innovations, including those from academia, can be a great help here. “Take encryption, for example—it ensures confidentiality while enabling information sharing without exposing critical data, thanks to advanced encrypted computing techniques,” Bart Preneel chimed in.

A further complication is Europe’s position as the strictest regulator – a well-known reality that clearly affects businesses. “In this whole debate, it’s crucial to keep the true purpose of these actions at the forefront. We can encrypt and secure data all we want, but the real question is what we ultimately aim to do with it,” concluded Ilias Chantzos.

2024 BE-CYBER - DAVID Panel
About the author
Bavo Boutsen

Bavo Boutsen

Journalist at The Content Company
Already during student life, the journalist woke up in Bavo. Learned the craft during passages at VRT NWS, Canvas and Woestijnvis. As a historian, is always looking for surprising connections and new insights. Combines this ingrained curiosity with a sharp pen and a nose for stories. Prefers to spend his free hours on a terrace or in a soccer stand.
Join our podcast
Please choose your preferred listening platform and language

Spotify

EN

FR

NL

Apple

EN

FR

NL

Join our newsletter

Cyber Pulse keeps you up-to-date on the latest cybersecurity news, community actions and member stories.