CYBER

Former cyber czar takes helm of security info sharing alliance

EDITOR's NOTE: This article was first published on FCW.com.

Founded in 2014 as a consortium of cybersecurity firms seeking to improve threat-information sharing and incident response, the Cyber Threat Alliance is now a formal non-profit with former White House cyber czar Michael Daniel as its president.

After two weeks at the helm of CTA, Daniel told FCW that he believes the growing member association can drive a number of changes in the cybersecurity ecosystem.

CTA members, which include founding firms Fortinet, Intel, Palo Alto Networks and Symantec, submit threat information into a proprietary platform that allows them to extract shared data in proportion to the quantity and quality of data they provide.

"If you're a member, your defensive products can now be based on a broader set of information than just your own," Daniel said. "That's a significant improvement just right there. And that happens at scale, at speed."

That means member cybersecurity firms will differentiate themselves less on what intelligence they have than on what they do with it in the products and services they provide. Daniel said he expects CTA to spur innovation and competition in that regard.

But, CTA isn't just about sharing threat indicators among members, it also seeks to take a bite out of cybercrime.

"We can take this data and we can use it to begin to assemble a much broader look at what adversaries are doing and actually assemble up what we are calling 'playbooks,'" he said. "It's really the description how the adversary in a particular instance does their entire business operation -- so not only in the malware that they are using, and not only the IP addresses, but their command and control infrastructure.

"If we could publish that and then have the cybersecurity vendors and governments and others begin to take action based on that, then we can actually disrupt the adversary's business model," he said.

The biggest medium- to long-term challenge Daniel sees is coordinating with governments around the world. The U.S. government and private sector have yet to see eye to eye on the protections, incentives and context needed to have effective information sharing that benefits both sectors.

Daniel said that some foreign governments that have limited cyber capabilities might be more inclined to partner with CTA in the near term.

"I think that's going to be a work in progress for some time," he said of integrating with the U.S. government.

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.