There has been an information security mantra for years in the United States about the need for a public - private partnership. While ISACs have existed since the late 1990s, the results of public - private partnerships have hardly been harmonious; instead acrimony has been been the order of the day in most instances. Private sector organizations have long complained about the one way flow of information security data and information: from the private sector to the federal government, with nothing in return. That’s not entirely true, but that is the strong perception at least. For example, the NSA has been providing malware signatures to DIB (defense industrial base) companies for a couple years (e.g., “NSA Chief: Agency Wants To Provide Malware Signatures, Not Enter Private Networks”). The response of the private sector has generally been criticism of NSA’s perceived motives, and criticism about the quality of the NSA malware signatures provided. Of course this private sector skepticism was confirmed by the Snowden revelations in June 2013. Particularly galling to the private sector (especially the technology companies) was NSA’s PRISM surveillance program. Even within the private sector information sharing has been restricted. For example, ISACs are generally restricted to industry-specific members, and raw data is not shared. Rather. processed information, such as IOCs and malware indicators, are shared.