Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Disaster Recovery

New Service from IID Helps Organizations Share Cyberattack Intelligence

Threat Sharing Service Aggregates Threat Intelligence from Companies, Governance Bodies, Law Enforcement, and Service Providers

Threat Sharing Service Aggregates Threat Intelligence from Companies, Governance Bodies, Law Enforcement, and Service Providers

Tacoma, Washington-based IID, announced a new information sharing solution this week, where Fortune 500 organizations can share data about the latest threats and ongoing attacks.

Under the new information sharing program, IID will work with select brands to automate the collection and dispersion of collective security intelligence, the company said Thursday. IID already gathers intelligence through relationships with various companies and brands, governance and guidance organizations, law enforcement, and service providers. The program is intended to be a widespread, automated collaboration, the company said.

Security experts believe sharing intelligence between governments and private sector companies will help protect assets, brands and users. The process is frequently a manual process, and is generally restricted to organizations within a specific industry or a small group of companies. IID’s program is intended to be a “collective threat intelligence solution” where actionable data is aggregated, filtered, and shared from thousands of contributing sources, IID said.

“The only way to truly secure the Internet is with collaboration on a large scale—and that requires automation,” IID CEO Lars Harvey, said in a statement.

Cyber-criminals already share information with each other—whether it’s sharing exploits, systems and networks to launch attacks, or just knowledge-sharing—and they are doing so very effectively. In contrast, the good guys, the defenders, are “operating in their own silos,” Rod Rasmussen, president and CTO of IID, said in a statement. The good guys are keeping up with the latest attack methods, but much of the intelligence they are obtaining is not actionable or timely.

A recent Ponemon Institute report found that organizations who have access to actionable intelligence in real-time are more likely to be able to block network intrusions from becoming successful compromises.

Existing information sharing groups and programs are limited and “lack the large-scale structured collaboration” needed to deal with highly organized criminal networks, IID said. Organizations are frequently tying up their security resources in a game of “whack-a-mole,” Harvey said. Not only are the resources busy fire-fighting, they are unable to anticipate the next attack or breach, he said. Having access to the latest data will help shift the IT teams’ focus.

Advertisement. Scroll to continue reading.

“Security-data-sharing tools and practices are gaining mind share,” Anton Chuvakin and Dan Blum, analysts from research firm Gartner, said recently. “Increasingly, enterprises are realizing that they must break with insular ‘every one for themselves’ mindsets and band together to confront escalating threats,” Chuvakin and Blum said.

More on IID’s Information Sharing solution is available here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Cybercrime

A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted.

Cloud Security

Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.

Application Security

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities...

Application Security

Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely...

Application Security

Cybersecurity researchers tracking destructive data-wiping malware attacks in Ukraine are finding signs of new malware with worm-spreading capabilities and what appears to be a...

Application Security

The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT...

Application Security

European venture capital and private equity firm Smartfin on Tuesday announced a deal to acquire Hex-Rays, the Belgian company behind the widely deployed IDA...