This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."

Download it now to read this article plus other related content.

Two Seattle CISOs, Kirk Bailey and Ernie Hayden, are pioneering a new level of trust and cooperation to secure their enterprises.

Over the clatter of an auto body shop where he was retrieving his car, Ernie Hayden received a disturbing cellphone call. "I'm sending you a warning about the latest MyDoom attack," the voice said.

No introductions were necessary. Hayden, the manager of enterprise information security for the Port of Seattle, immediately recognized the voice as his counterpart at the city of Seattle, CISO Kirk Bailey.

Usually, the pair meets once a week at a local coffeehouse to talk shop. They share their problems, insights, solutions and questions. Nothing is out of bounds, and there's no fear of compromise. Their trust in each other is unquestioned.

While the urgent warning of a MyDoom variant wasn't the norm, it was hardly unusual. When something serious breaks, they call each other immediately. They know implicitly that one always has the other's back.

By the time Hayden rolled into the office, he had the details of the worm that Bailey promised. The variant used an e-mail to instruct recipients to click an embedded URL and confirm an online purchase. The malicious Web site then downloads a virus that damages the host and mails itself to everyone on the person's contact list. With that intelligence in hand, Hayden sent an urgent message to his staff and began working on countermeasures.

It was yet another

    Requires Free Membership to View

example of why close, personal, working relationships between peers and the open sharing of security intelligence are important and beneficial. And it's a relationship that Hayden and Bailey continue to foster amongst their peers and are trying to export to others.

While the security practitioner's mind-set is usually wrapped around secrecy, Hayden and Bailey say they're proof that extending a little trust and putting two--or sometimes more--heads together is a better way to solve pressing security problems. This kind of cooperation practiced by Hayden and Bailey, as well as other Northwestern security professionals, could become a CISO best practice.

This was first published in January 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: