This blog post was written by Vincent Weafer.
With each new cyber threat report, we learn about the increasing volume of new, complex threats appearing across a myriad of server systems, networking equipment, personal computing platforms, and IoT devices. We also read about the real-world challenges that information security professionals face when attempting to identify, scope, and prioritize security events generated by their security systems.
In some environments, this volume can be measured in the millions or tens of millions of events per day. Security practitioners need help identifying the under-the-radar, high-risk incident and breach events from the huge volume of legitimate but less critical security events, and they need help automating and coordinating their security protection actions across multiple technologies and vendors so they can decrease the time to protect.
Enter the Cyber Threat Alliance. The CTA has grown from a research collaboration between McAfee, Palo Alto Networks, Symantec, and Fortinet into a newly incorporated “not for profit” organization that combines the threat intelligence capabilities of some of the top companies in the cybersecurity industry to tackle the problem of isolated knowledge, which limits each company’s ability to protect its customers as quickly as possible. Also announced this week is the addition of Cisco and Check Point as founding members.
CTA member executives Chris Young, Senior VP and General Manager, McAfee; Michael Daniel, president, Cyber Threat Alliance; Mark McLaughlin, chairman and CEO, Palo Alto Networks; Amnon Bar-Lev, President, Check Point; Marty Roesch, Chief Architect, Cisco Security; Greg Clark, CEO Symantec; Ken Xie, founder, chairman of the board and CEO, Fortinet.
The CTA is focused on tackling the problem of fractured intelligence in the cybersecurity market, and so the organization has created a dynamic real-time trust exchange for threat indicator sharing, validation, and monitoring. Gathering, contextualizing, and sharing knowledge among CTA members using this automated exchange will enable us to protect customers in real time and prioritize resources based on collective knowledge.
At McAfee, we believe in the power of together—the power of sharing intelligence to strengthen critical infrastructure and protect our customers. We are very excited about the potential for the Cyber Threat Alliance. To learn more, visit www.cyberthreatalliance.org. To learn more about threat intelligence sharing and McAfee’s part in that effort, visit www.mcafee.com/threatintelligencesharing. If you are part of the security vendor community and want to learn more about becoming a member of the CTA, please email firstname.lastname@example.org.