Greg White wants you to share information. Not necessarily with him, but with your business competitors and industry peers. The University of Texas at San Antonio computer science professor is leading the charge to create a nationwide network of information-sharing outfits – from mariachi groups to investment firms – in a strength-in-numbers approach to combating cyberattacks.
White is the executive director of the Information Sharing and Analysis Organization (ISAO) Standards Organization, a national entity setting best practices for collaboratively tackling the country’s cybersecurity threats. His charge is to help spawn thousands of industry- or geography-specific groups that would share information on common cyber threats so that they can be collectively better equipped to fend off cyber villains.
Some of the largest information-sharing groups include banks and operators of critical infrastructure, such as electric utilities. There’s an ISAO for professional and amateur sports and one made up of small and mid-size Houston businesses.
“How many small- to medium-sized businesses have you gone into and given your credit card information to? I have a vested interest that this city be secure because a bunch of people out there have my credit card information,” White said.
If the shopping malls nationwide formed an ISAO, members would have access to a central database of all the cyber incidents affecting them, including, for example, an attempt to hack a string of malls in California. ISAOs gather, analyze, and disseminate information on those common threats to stay upstream of similar incidents.
Through an agreement with the State of Texas, UTSA was set to create a statewide sharing organization – a Texas ISAO of local government entities. If it had been commissioned on time, that ISAO could have helped in the response to the Aug. 16 ransomware attack that affected 22 small government entities in the state.
Communication among partners before an event is critical to preventing them. Reacting to cyber crises as they arise, rather than taking preventive measures, will only result in more attacks in the future, White said.
Convincing people information sharing is worthwhile is half the battle, he said. Getting funding to carry out his work in the realm of information sharing is another thing altogether.
Grant funding for the ISAO Standards Organization was recently rejected by the state. Without funding, the development of ISAOs will be on a slower track, White said.
“We see pretty good participation in the chambers [of commerce] across the U.S. in the private sector,” said Bret Piatt, CEO of local cybersecurity firm Jungle Disk. “I think if you could see ISAOs at that level of participation, it would be a great success and would strengthen our economy.”
The origins of ISAOs stem back to the early days of the internet, Piatt said. The North American Network Operators’ Group (NANOG), comprising the world’s largest internet service providers, such as AT&T and Spring, was founded in 1994 at the dawning of the World Wide Web. NANOG meets three times a year, in part, to share information on cyber threats.
“This kind of concept has been in place,” Piatt. “But the grant that Dr. White’s working on right now is really looking to expand this out, formalize it, and make it to where it’s something many more organizations are getting involved in and participating in so we can lift the security posture and level for more folks.”
White is helping to effect real change in the cybersecurity world by advocating for greater collaboration and information sharing, said Piatt.
In 2015, the ISAO Standards Organization was formed by executive order during President Barack Obama’s administration. The U.S. Department of Homeland Security awarded UTSA a $2 million grant later that year to carry out the program.
White now teaches just one class a semester because he’s got his hands full leading both the ISAO Standards Organization and its parent organization at UTSA, the Center for Infrastructure Assurance and Security. The center has developed cybersecurity competitions, training, and research.
That includes developing scholastic competitions for cybersecurity. White created an early version of a high school competition, which would help inspire CyberPatriot, the national youth education program in information security. He also helped bring to fruition the National Collegiate Cyber Defense Competition. The winning university will be crowned national champion in April.
A card game White helped develop, Cyber Threat Defender, draws the interest of children with an interest in the computing fields but also a passion for collectible card games such as Magic: The Gathering and Pokémon. The object of the multi-player game is to build defenses against cyberattacks by playing one’s cards. There’s also a PC version of the game. Both are used to teach basic cybersecurity principles, and some schools, including San Antonio public schools, use them in their classrooms.
“The card game has had a really big impact on raising the level of interest, prestige, and culture of cybersecurity,” said Lee Sutterfield, CEO of local cybersecurity firm SecureLogix and White’s former boss. “That was his idea. He’s done a lot of things like that over the years. The whole idea of a high school- and college-level competition of cyber defense was originated here in San Antonio by Greg and his team.”
It’s been nearly 20 years since UTSA pried White away from his private-sector job at SecureLogix. Although Sutterfield and White have taken different paths, both found their way into the San Antonio Cyber Hall of Honor in 2016 because of their contributions to the city’s cyber ecosystem.
“It was the right thing to do,” said Sutterfield, reflecting on his recommendation of White to a UTSA official seeking professors for the school’s then-fledgling cybersecurity program. “It was a loss for us, but businesses can always recover from those kinds of things. Greg was just so uniquely qualified. … It was ideal for him.”
With his ability to help build the cybersecurity program at UTSA into one of the most touted in the country, White has been an asset to San Antonio’s cybersecurity sector, Sutterfield said.
“He’s always taken the long-term view of ‘How do you really build a culture of scalable programs to address the needs of the future?’” he said. “And all of that is paying off now.”