The sharing of information about new threats among security professionals in the private and government sectors is a powerful weapon against stopping new attacks. However, CISOs have often been reluctant to share security information. But if we want help from other people, we have to be prepared to share information ourselves.
Cylance recently spoke with Frank J. Grimmelmann, President & CEO/ Intelligence Liaison Officer at Arizona Cyber Threat Response Alliance (ACTRA). Frank served as the President of Arizona’s Infragard program, where he worked with the FBI to establish an information exchange for the private and public sectors.
According to Frank, sharing information is just the start. “What is needed is a fully operational capability to allow those who own the assets to translate timely threat intelligence into defensive action, ideally in real time,” he explains.
To demonstrate the benefits that stand to be gained, Frank shared a story about two companies involved in information sharing that cooperated to stop a live attack. One company was attacked by an advanced persistent threat (APT). There was no motive, just a desire to destroy information. The attacker rewrote file directories and renamed files. The company reverse-engineered the original attack and created an algorithm to unscramble the files scrambled by the malware. When a second company sustained a similar attack, the first company quickly offered them the algorithm. The second company applied the script to unscramble their files, and resolved the problem without having to revert to recovering files from backup. They were fully operational almost immediately; and there was no cost for the solution.
Frank will be sharing his expertise and other stories when he joins Malcolm Harkins, Chief Security and Trust Officer at Cylance for a webinar on April 26, titled, ‘Why Sharing Actionable Information Prevents Risk and Secures (Read more...)
This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog