Setting up a Threat Exchange where multiple companies obligated under the Critical Information Infrastructure (CII) norms participate to share and consume threat intelligence from OT networks can indeed face resistance and challenges, but establishing it with the support of a nodal body set by the Government of India (GoI) can potentially accelerate its adoption. Here are some considerations:

1. Resistance and Challenges:
a. Data sensitivity and security: Companies may have concerns about sharing sensitive information from their OT networks due to the confidentiality and potential impact on their operations. Implementing strict data protection measures and ensuring anonymity of the shared data can help address these concerns.

b. Legal and regulatory hurdles: There may be challenges related to legal requirements, compliance, and regulatory frameworks for sharing threat intelligence. Overcoming these hurdles requires establishing clear guidelines, ensuring compliance with existing privacy laws, and developing industry-specific regulations to promote information sharing.

c. Trust and collaboration: Establishing trust among different participants is crucial for the success of a Threat Exchange. Companies might be hesitant to share their threat intelligence with competitors or other organizations due to potential competitive advantages. Implementing strict confidentiality agreements, defining data sharing boundaries, and promoting collaboration can help build trust and encourage participation.

d. Technical interoperability and standardization: Different companies may have varied technical setups, making it challenging to establish a standardized format for sharing threat intelligence. Overcoming technical interoperability issues and implementing common standards will be essential to facilitate seamless sharing and consumption of threat intelligence.

2. Nodal Body and GoI Support:
If the Threat Exchange is backed by a nodal body authorized and supported by the GoI, it can offer several advantages:
a. Credibility and trust: Having a nodal body endorsed by the GoI adds credibility and trust to the Threat Exchange. Companies may feel more confident in sharing their sensitive OT threat intelligence, knowing that the initiative is supported by a recognized authority.

b. Regulatory support: The establishment of a nodal body can help align the Threat Exchange with regulatory requirements and navigate legal complexities. The involvement of government entities can streamline the creation of industry-specific regulations and guidelines, ensuring compliance and facilitating information sharing.

c. Collaboration facilitation: A nodal body can actively promote collaboration, facilitate discussions, and encourage participation from various stakeholders. Their active involvement can help address challenges, mediate disputes, and foster a cooperative environment.

d. Faster adoption: With the support of a nodal body, there is a higher likelihood of wider adoption of the Threat Exchange. Companies may perceive it as an official platform endorsed by the GoI, leading to increased participation and faster dissemination of threat intelligence among the CII entities.

In summary, while challenges and resistance may be encountered while establishing a Threat Exchange in the context of OT networks, having a nodal body set by the GoI can address these hurdles by providing credibility, regulatory support, collaboration facilitation, and ultimately accelerating the adoption of the exchange among CII entities.