Threat Sharing Service Aggregates Threat Intelligence from Companies, Governance Bodies, Law Enforcement, and Service Providers
Tacoma, Washington-based IID, announced a new information sharing solution this week, where Fortune 500 organizations can share data about the latest threats and ongoing attacks.
Under the new information sharing program, IID will work with select brands to automate the collection and dispersion of collective security intelligence, the company said Thursday. IID already gathers intelligence through relationships with various companies and brands, governance and guidance organizations, law enforcement, and service providers. The program is intended to be a widespread, automated collaboration, the company said.
Security experts believe sharing intelligence between governments and private sector companies will help protect assets, brands and users. The process is frequently a manual process, and is generally restricted to organizations within a specific industry or a small group of companies. IID’s program is intended to be a “collective threat intelligence solution” where actionable data is aggregated, filtered, and shared from thousands of contributing sources, IID said.
“The only way to truly secure the Internet is with collaboration on a large scale—and that requires automation,” IID CEO Lars Harvey, said in a statement.
Cyber-criminals already share information with each other—whether it’s sharing exploits, systems and networks to launch attacks, or just knowledge-sharing—and they are doing so very effectively. In contrast, the good guys, the defenders, are “operating in their own silos,” Rod Rasmussen, president and CTO of IID, said in a statement. The good guys are keeping up with the latest attack methods, but much of the intelligence they are obtaining is not actionable or timely.
A recent Ponemon Institute report found that organizations who have access to actionable intelligence in real-time are more likely to be able to block network intrusions from becoming successful compromises.
Existing information sharing groups and programs are limited and “lack the large-scale structured collaboration” needed to deal with highly organized criminal networks, IID said. Organizations are frequently tying up their security resources in a game of “whack-a-mole,” Harvey said. Not only are the resources busy fire-fighting, they are unable to anticipate the next attack or breach, he said. Having access to the latest data will help shift the IT teams’ focus.
“Security-data-sharing tools and practices are gaining mind share,” Anton Chuvakin and Dan Blum, analysts from research firm Gartner, said recently. “Increasingly, enterprises are realizing that they must break with insular ‘every one for themselves’ mindsets and band together to confront escalating threats,” Chuvakin and Blum said.
More on IID’s Information Sharing solution is available here.