Motorola Creates Hub for Sharing Cyberthreat Intelligence
Motorola Solutions has created a Public Safety Threat Alliance, a cyberthreat intelligence-sharing hub aimed at improving public safety in the community.
The Public Safety Threat Alliance, a Cybersecurity and Infrastructure Security Agency (CISA)-recognized information sharing and analysis organization (ISAO), is solely dedicated to facilitating information and intelligence sharing on cyberthreats to public safety.
ISAOs allow for pooling resources so many organizations can spend a little money or resources and receive outsized work product as a result.
A Collective Approach
“The complex nature of today’s cyberthreat environment means that no organization, public, private or nonprofit, has all of the information and intelligence needed to adequately protect against these critical threats,” explained Scott Kaine, corporate vice president of cybersecurity at Motorola Solutions.
He said given the interconnected nature of global networks, combined with the rapid tempo of most cyberattacks, a collective approach to cyberthreat information and intelligence is imperative.
Kaine added that ISAOs bring unparalleled value to their community by creating a forum for their members—public, private and nonprofit organizations—to share information with each other about the cyberthreats, cyberattacks and the techniques and tactics in use by bad actors against their community.
The information-sharing component is critical because the ISAO takes the various types of information from myriad sources and transforms it into actionable intelligence that members can use to improve the collective cybersecurity posture of the ISAO’s members.
“It is in this way that the Public Safety Threat Alliance is building a network to better defend public safety networks worldwide,” he said.
Mark Lambert, vice president of products at ArmorCode, an application security provider, pointed out that public agencies are struggling with the same challenges as the private sector—increased exposure to cyberattacks and under-resourced response.
“Leveraging ISAOs, public agencies are able to share threat intelligence to gain awareness and potentially prepare responses before they are compromised,” he said. “Due to Motorola Solutions’ position in the public sector, they are able to leverage insights gained across all their clients and quickly inform public agencies of active and potential threats.”
Lambert explained that, as a society, we rely on our public agencies for many things in our daily lives, but they are under attack more than ever before.
“Partnerships between the public and private sector have never been more important as our public agencies lack the resources and critical information required to respond quickly and effectively,” he said.
From his perspective, the bad actors move fast and the cybersecurity industry need to respond faster.
“The only way we achieve that is by sharing information and pooling resources,” he said. “No one has anything to gain by withholding critical information from our critical public agencies.”
Kaine also pointed out that cybercriminals are likely to continue developing new techniques and operational practices to conduct opportunistic attacks.
He noted extortion would continue to drive the criminal economy, funding the thriving digital underground with growing ransom demands.
“In addition, hacktivism will likely remain a threat to public safety, as global unrest continues to spark hacktivist campaigns of varying sophistication and resources to target law enforcement and government resources,” he said.
Creating Actionable Intelligence
Kaine said the Public Safety Threat Alliance’s dedicated public safety-focused analysts will draw from a wide array of intelligence products and feeds, from public, private and nonprofit organizations to create actionable intelligence.
“Leveraging this information and intelligence, combined with Motorola Solutions’ cybersecurity services, will allow public safety organizations to maintain pace with the constantly evolving threats and better defend their networks against the same,” he said.
John Bambenek, principal threat hunter at Netenrich, a digital IT and security operations company, added most organizations do not have the resources to set up a complete threat intelligence program.
In these cases, ISAOs allow organizations to pool resources and receive intelligence products via a shared mechanism so they are accessible to more organizations.
The end result is, hopefully, more secure organizations than there would be otherwise.
“A significant aspect of public safety organizations is communication, especially communication in a crisis or mass-causality event,” Bambenek said. “Motorola has a long history of providing communications products, including to public safety organizations, and as a major enterprise, has access to the talent necessary to make this endeavor work.”
He explained that, in the United States, most critical infrastructure is owned and operated by private entities, and law enforcement and intelligence agencies do not have access to those networks—and, by extension, those attacks directly.
“Private organizations, on the other hand, do not have access to the same intelligence tools the government does,” he said. “Partnering together allows for the protection of a national security interest while allowing them to remain in private hands without any of the tricky constitutional problems or concerns about intelligence agencies operating in domestic environments.”
Kaine noted the 2015 Executive Order promoting private sector cybersecurity information sharing, which established ISAOs, recognized the critical role that public-private security partnerships play in our collective cybersecurity.
“This remains true today across all facets of critical infrastructure cybersecurity, including public safety,” he said.
