CSA Official Press Release
Cloud Security Alliance Releases New Research: Building a Foundation for Successful Cyber Threat Intelligence Exchange
Paper offers key considerations for corporations seeking to collaborate on security incidents impacting the cloud environment
SEATTLE, WA and SAN FRANCISCO, CA – RSA Conference Booth #1039 - April 16, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released new research on Building a Foundation for Successful Cyber Threat Intelligence Exchange, the first in a series of reports that will provide a framework to help corporations seeking to participate in cyber intelligence exchange programs that enhance their event data and incident response capabilities.
Authored by the CSA Cloud Cyber Incident Sharing Center (CISC) Working Group, the report was written primarily for corporations beginning to explore—or that have already begun—the exchange of cyber security event data. The paper offers high-level, yet practical, guidance to support companies in three key areas:
- Connecting with sharing partners and exchange platforms that best meet their needs,
- Identifying the capabilities and business requirements that will form the foundation for a value-driven cyber intelligence exchange program, and
- Understanding the basics of the exchange process so they can efficiently share the event they see and more efficiently operationalize any intelligence they collect.
“While any organization with at least one person dedicated to cyber intelligence should consider participation in an exchange to enhance its own data, we wanted to further assist security teams with both emerging and mature internal cyber intelligence capabilities,” said Brian Kelly, co-chair of the Cloud-CISC Working Group and CSO of Rackspace. “Because the cloud industry is already taking advantage of many of the advanced technologies that support cyber intelligence exchange, and has such a unique and large footprint across the IT infrastructure, we believe that we have a real opportunity to make cyber intelligence sharing pervasive.”
“This paper is the first in a series of planned efforts to provide guidance and enable new users of cyber intelligence exchanges to benefit from the lessons learned from those who have already walked the path. It serves as a prototype for those seeking to derive value from shared cyber intelligence,” said Dave Cullinane, Cloud-CISC Working Group co-chair and founder of TruSTAR Technology. “We believe our efforts will serve as a model for those across the IT landscape seeking to derive value from cyber intelligence exchange."
The Cloud-CISC Working Group seeks to eliminate existing security “stovepipes” by incubating trusted communities of cloud providers for the purpose of sharing cyber incident information anonymously.
Individuals interested in becoming involved in the future research and initiatives of the group are invited to join the group.
Building a Foundation for Successful Cyber Threat Intelligence Exchange is a free resource from the CSA.
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.