The Cyber Threat Alliance (CTA) Sharing Model relies on our organization’s status as a trusted environment for all of our private-sector members, as well as public sector and civil society partners. That trust also allows us to do so much more.
The fact that all of CTA’s private-sector members have access to the same shared information and are required to follow the same set of rules around handling and use of shared information ensures that CTA can maintain the trust needed for sharing, collaboration, and engagement. Each new member that joins CTA enters on an equal footing. Crucially, all CTA members can participate in our Algorithm & Intelligence (A&I) committee, which serves as the hub for human-speed sharing and discussion within the Alliance.
Read on to learn more about how CTA’s environment of trust can help generate value for your business and stronger protections for your customers.
It’s Not Just What You Know, But Who You Know, That Counts
For many years, vendors struggled to access the data and samples from other organizations that would have allowed them to more effectively protect their customers. Information sharing within the cybersecurity industry of today is far more robust, and organizations such as CTA help to expand the global playing field when it comes to enabling protections and analysis.
However, CTA isn’t just a network of digital pipes for transmitting threat intelligence information from coast to coast and country to country. Active participants in CTA collectively become part of a community that any other member can tap into in order to further their research, exchange information around specific cyber threats, or establish channels for ongoing collaboration. Such engagement is built on a solid foundation of trust that we seek to nurture and build among our membership. CTA is uniquely well positioned to facilitate a broader dialogue that includes connections between more disparate points in the ecosystem.
Share Early, Share Often, and Get Insights in Return
CTA’s Early Sharing Program is one of the most significant benefits of CTA membership and is similarly dependent on the trust our members have in one another. When members share research and analysis ahead of general publication, they are relying on the trusted environment that our organization provides to ensure that this non-public information is handled with care. CTA helps to build the relationships between members that is necessary to make this early sharing possible. You can check out the full list of since-published Early Shares here.
When members take that leap of faith and start sharing through that program, the benefits are manifold. Most obviously, this activity helps better secure the ecosystem by allowing other CTA members to prepare protections ahead of time in accordance with the rules designated by the sharing member. Additionally, CTA members will often provide feedback or validation on these shares from their own perspective, which can improve the quality of those analytic outputs across CTA membership and the industry as a whole.
Outside of the early sharing program, this dynamic of real-time Q&A and discussion around recently identified or evolving threats is found across the organization. Member researchers go back-and-forth on a day-to-day basis through our Webex channel, committee meetings, and via email.
We all benefit from the robust sharing of insights, ideas, and feedback. None of that is possible without a solid foundation of trust.
To learn more about CTA’s trust-dependent sharing model and inquire about membership, contact us today.
Author: Neil Jenkins
The latest from the cyber threat alliance
Cyber Threat Alliance Elects Avast’s Jaya Baloo and Symantec’s Joe Chen to Board of Directors
WASHINGTON, DC— June 13, 2022 — The Cyber Threat Alliance (CTA) today announced the election [...]
An Update on the State of the SEC’s Approach to Cyber Risk
This update follows the March 2021 State of Cyber-Risk Disclosures of Public Companies. Recent cyber-related comments and enforcement actions by the U.S. Securities and Exchange Commission made clear that the SEC has escalated its scrutiny of the cybersecurity disclosures of [...]