Paper offers key considerations for corporations seeking to collaborate on security incidents impacting the cloud environment
SEATTLE, WA and SAN FRANCISCO, CA – RSA Conference Booth #1039 – April 16, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released new research on Building a Foundation for Successful Cyber Threat Intelligence Exchange, the first in a series of reports that will provide a framework to help corporations seeking to participate in cyber intelligence exchange programs that enhance their event data and incident response capabilities.
Authored by the CSA Cloud Cyber Incident Sharing Center (CISC) Working Group, the report was written primarily for corporations beginning to explore—or that have already begun—the exchange of cyber security event data. The paper offers high-level, yet practical, guidance to support companies in three key areas:
- Connecting with sharing partners and exchange platforms that best meet their needs,
- Identifying the capabilities and business requirements that will form the foundation for a value-driven cyber intelligence exchange program, and
- Understanding the basics of the exchange process so they can efficiently share the event they see and more efficiently operationalize any intelligence they collect.
“While any organization with at least one person dedicated to cyber intelligence should consider participation in an exchange to enhance its own data, we wanted to further assist security teams with both emerging and mature internal cyber intelligence capabilities,” said Brian Kelly, co-chair of the Cloud-CISC Working Group and CSO of Rackspace. “Because the cloud industry is already taking advantage of many of the advanced technologies that support cyber intelligence exchange, and has such a unique and large footprint across the IT infrastructure, we believe that we have a real opportunity to make cyber intelligence sharing pervasive.”
“This paper is the first in a series of planned efforts to provide guidance and enable new users of cyber intelligence exchanges to benefit from the lessons learned from those who have already walked the path; it serves as a prototype for those seeking to derive value from shared cyber intelligence,” said Dave Cullinane, Cloud-CISC Working Group co-chair and founder of TruSTAR Technology. “We believe our efforts will serve as a model for those across the IT landscape seeking to derive value from cyber intelligence exchange.”
The Cloud-CISC Working Group seeks to eliminate existing security “stovepipes” by incubating trusted communities of cloud providers for the purpose of sharing cyber incident information anonymously.
Individuals interested in becoming involved in the future research and initiatives of the group are invited to join the group.
Building a Foundation for Successful Cyber Threat Intelligence Exchange is a free resource from the CSA.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which various parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.