Business & Technology

Threat Information Sharing Can Change the Security Landscape

By Derek Manky | October 25, 2017

One of the biggest security challenges IT teams face is simply staying a step ahead of the cybercriminal community. Of course, digital transition continues to compound this problem by continually expanding the potential attack surface. And at the same time, the cybercriminal community continues to up their game with increasingly sophisticated exploits designed to circumvent security solutions and evade detection.

The challenge has been encapsulated in a saying all security professionals are familiar with: to be successful, network defenders have to be right every single time, while cybercriminals only need to be right once.

There is, however, a way to tip the scales back in the favor of the defenders. And that is through the collection and correlation of critical threat intelligence. Attacks tend to follow a complex series of steps, creating an attack chain that includes probing, penetration, persistence, and propagation. Each step has its own fingerprint and can be countered with the right information, helping level the security playing field.

The Cyber Threat Alliance was created to provide the granular intelligence that security professionals need to identify and thwart an attack at numerous places along the kill chain. Its goal is to bring together strong contributors in the cybersecurity market together to share cyber threat intelligence to help organizations better defend against cyber adversaries and improve the overall security of the internet.

CTA’s automated platform enables its members to contribute to the overall security of the internet by providing real-time threat intelligence that can significantly reduce time to detection and close the gap in the detection-to-deployment lifecycle.  

To further expand and solidify the power of threat information and intelligence sharing, specialists, researchers, and consumers of threat intelligence are gathering at the annual CyberNext DC on October 25, 2017. The Cyber Threat Alliance, the Coalition for Cybersecurity Policy and Law, and the National Security Institute are this year’s conference sponsors. Keynotes will be delivered by Ron Johnson, US Senator from Wisconsin and Senate Homeland Security chair, and Michael Daniel, President & CEO of the Cyber Threat Alliance.

Panels will cover such critical topics as IoT threats, vulnerability disclosure, information sharing, and risk management. Panelists include a spectrum of security leaders and luminaries, including Fortinet’s own CISO, Phil Quade, who prior to joining Fortinet served as the NSA Director’s Special Assistant for Cyber and Chief of the NSA Cyber Task Force.

The goal of this event, as well as local and industry-related ISACs, is to find ways for government agencies, private sector organizations, and leading security vendors and researchers to work together to establish information sharing standards and protocols, create strategic playbooks, and develop tactical and operations tools. As a result of such efforts, organizations around the world are already better able to consume, correlate, and process threat information into actionable intelligence.

Better information and processes supported by critical information sharing enables organizations to better detect and stop new and emerging threats everywhere along the kill chain, and will continue to tip the outcome of the existing cyber war in the favor of the folks tasked with protecting our critical cyber and physical resources, and helping drive the emerging digital economy.

For more information: Cyber Threat Alliance expands global footprint with addition of new members

Sign up for our weekly FortiGuard intel briefs or to be a part of our open beta of Fortinet’s FortiGuard Threat Intelligence Service.