At the heart of the Cyber Threat Alliance (CTA) is a commitment to improve cybersecurity defenses across the global information ecosystem. Our sharing of automated threat intelligence and collective engagement on unique cyber threats are critical aspects of this mission. Over time, CTA’s early sharing program has grown to be another valuable and important part of our work.
Our early sharing initiative allows members to share critical defensive information in the form of blog posts and research findings with one another through CTA in advance of public release. This sharing can involve the distribution of analysis, blog posts, research findings, and samples related to malicious cyber activity. Critically, it allows members to undertake defensive preparation of new, sensitive information ahead of time, rather than leaving them scrambling to protect customers after reports are made public.
The growth of this CTA program has contributed to a higher overall level of protection across the industry. We typically see between 2 and 4 early shares per week from our members, and have had over 215 early shares from CTA members since we began this program in May 2018 with Cisco’s sharing of VPNFilter. This rate of sharing and a corresponding growth in its depth and scope are a reflection of the growing mutual trust among our members that we have worked hard to cultivate and maintain.
This program now forms a crucial part of CTA’s day-to-day operations, and our members recognize and appreciate it. We regularly solicit feedback through membership-wide questionnaires covering the full range of CTA’s activities. Almost all respondents to our most recent survey from December 2019 highlighted the early sharing program as a significant benefit of membership. Such unanimity given the diversity of our membership in terms of geography, scale, and industry verticals further strengthens our confidence in the value of this program.
Our early sharing activities cover the full scope of cyber threats. This routine engagement builds CTA’s muscle memory to facilitate effective industry responses to significant cyber incidents. Members are able to leverage their data, analysis, and cybersecurity products to expose malicious activity more widely, prevent additional harm, and mitigate the activity’s effects more rapidly.
Given the importance of breadth and diversity to the success of this program, we ensure that all CTA members can access and contribute to this collective resource. Our Algorithm and Intelligence Committee manages this program, which allows representation from every CTA member regardless of their membership level. Members retain control over their analysis and can place embargos as needed on what they choose to share. This program relies on the trust, goodwill, and confidence of CTA members. We are grateful for their active participation in this program and we know that its success reflects the belief of CTA members in our collective mission.
To prospective members, we welcome any questions on what this program could do for your company. Reach out to us through this form for more information on this program and membership in general.
Author: Neil Jenkins
CTA Webinar – The NTT Security Holdings 2022 Global Threat Intelligence Report: A year of more sophisticated and substantial threats
Join CTA and NTT Security Holdings as we discuss the trends and insights from NTT’s 2022 Global Threat Intelligence Report. NTT’s Global Threat Intelligence Centre analysed security data across industries and to distil the key trends from attacks, malware, targeted technologies, and the resulting impact on various industries. NTT continues to [...]
Why Gen-Z Cares About the Future of Information Sharing
After hearing the buzzword of “information sharing” throughout my education, my summer internship with the Cyber Threat Alliance has shown me how we make this term a reality through facilitating threat intelligence sharing between private companies. As an undergraduate student at Stanford [...]
Cyber Threat Alliance Thriving in 2022
As I write this blog, we’re a little over halfway through 2022. This year has certainly produced some significant surprises – several of which fall into the “what didn’t happen” category. Regardless, though, CTA continues its work to enable members to better protect their customers, aid in the disruption of malicious actors, and raise the […]