A road-map towards meaningful security data sharing

18 January 2012

The Security for Business Innovation Council has published its ninth annual report: 'Getting Ahead of Advanced Threats – Achieving Intelligence-Driven Information Security'.

The council was originally established and sponsored by RSA with the purpose of providing a non-partisan view of information security concerns and opportunities. It comprises 16 CISOs from companies such as ABN Amro, Coca-Cola, eBay, EMC, HSBC, JPMorgan Chase, T-Mobile and others. This year’s report, with additional input from William Pelgrin, the President and CEO of the Center for Internet Security, focuses on the desirability of shared intelligence to counter the new advanced threats.

It recognizes that just as cyber criminals share information and help each other, business must also pool and share its security intelligence in order to effectively counter the advanced threat of organized cyber crime and state-backed cyber espionage. “If large communities of organizations could readily and continuously exchange data on current attack methods, it would seriously impede attackers’ operations”, says the report.

It sets out a road-map towards achieving that end, including the collection of risk data, continuous research into criminal behavior and techniques, training in intelligence gathering and use, and of course the development of best practices in sharing threat information with other organizations.

The final and most difficult element, key to the success of the proposal, is the ability to manage large and disparate volumes of security data and convert it into actionable security information. In the short term this can be achieved by automation: automating the consumption of existing threat feeds, automating the collection of employee observations, automating log analysis and automating the fusion of data from multiple sources. The result becomes a big data analytics problem.

'Getting Ahead of Advanced Threats' shows how much can and should be achieved by organizations making intelligent use of readily available shared intelligence. At present this largely means receiving and using external data. But the report also intimates the next step, which has to be the evolution of business from a receiver of data to an active sharer of data. Of course this does already happen, particularly within specific market sectors such as finance. But the long-term aim has to be sharing threat information safely and securely between all companies, in a form that can be received and actioned automatically.
