Maybe it should be unsurprising that 2020 has no intention of going quietly. By the beginning of December, it had already given us a sudden explosion in remote work, COVID-19 themed lures, a ransomware surge, election disinformation, and 5G deployment battles. Yet, 2020 was not finished.
As we head into the last few weeks of the year, the Solarstorm or SUNBURST intrusion has rocked the US government and the cybersecurity industry, providing an example of what a sophisticated intrusion and supply chain compromise actually looks like. While cybersecurity is never a quiet field, this year has provided no respite for network defenders. Moreover, these events continue to demonstrate the need for cybersecurity companies to share threat information with each other if they want to meet these challenges effectively.
As a result, despite the challenges posed by 2020, CTA members continued their strong support of our work. In fact, I have to consider 2020 a success for CTA. Over the course of the year, we:
- Added 3 new companies to the Alliance – OneFirewall, Anomali, and SecurityScorecard – with two more coming very soon.
- Deployed an upgraded automated sharing platform, culminating more than a year of development work.
- Reached the 100 million shared observables mark in early September and will likely reach 140 million by the end of December.
- Reached 350+ member blogs and threat reports shared early with other CTA members since 2018.
- Ramped up publishing on the CTA blog with 29 posts for the year, including 10 guest blogs from our members and partners.
- Established partnerships with five contributing allies, including the Financial Services Information Sharing and Analysis Center (FS-ISAC), the Information Technology ISAC, CSIRT Asobancaria (which represents financial institutions in Latin America), Taiwan CERT, and the Center for Internet Security (CIS), which encompasses the Election Infrastructure ISAC and the Multi-State ISAC. We also joined the No More Ransom initiative.
- Readied our Election Security Working Group to support state and local election officials in the conduct of the US Presidential election.
- Issued a report (revised April 2021) on cyber threats to the 2020 Tokyo Olympic Games through our Olympics Cybersecurity Working Group.
- Sponsored four online conferences, ramped up our social media presence and blog posting, and started a webinar series.
- Collaborated with the Global Cyber Alliance to provide work from home guidance.
- Rolled out the CTA Champions program, an invitation-only initiative for individuals from industry, academia, and beyond who are passionate advocates for CTA’s mission and goals. As of December 2020, we have officially signed on three CTA Champions.
- Actively participated in the Aspen Cybersecurity Group, the World Economic Forum’s Partnership Against Cybercrime, and the New York Cyber Task Force.
This hard work in 2020 enables CTA to head into 2021 in a stronger position than ever. That’s good, because, as an industry, cybersecurity providers will have plenty of challenges next year too. In the US, while the Presidential transition offers the opportunity to increase the US government’s focus on cybersecurity, it could also disrupt ongoing public-private collaborations. We will need to step up efforts against cybercrime, especially ransomware, and begin to reduce its impact on individuals and the overall economy. We will have to protect the COVID-19 vaccine supply chain and distribution system from cyber threats. We will have to deal with the long-term fallout from the SolarWinds compromise, an effort that will likely span several years. And that’s just what we can predict right now.
Yet, no matter what 2021 brings, CTA will continue to forge ahead in trying to make the digital ecosystem safer. If your company is already a member, we appreciate your continued support in achieving this goal. If your company is not yet a member, you should check us out – now is definitely the time to find new, robust ways to collaborate in cybersecurity. Only by working together can we successfully overcome whatever the coming years choose to throw at us.
Author: Michael Daniel
CTA Webinar – The Cyber Threat Landscape: 2021 Was a Hell of a Ride – 2022 Isn’t Shaping Up Any Better
Join CTA and Radware as Neil, Daniel, and Pascal discuss the most [...]
Cultivating a Diverse Cybersecurity Workforce
Cyberattacks continue to increase in prevalence and impact and recent cyber incidents have brought a wake-up call that we must invest in training and hiring in the cybersecurity field. Because nearly every aspect of society depends on the digital infrastructure, cyberattacks are costly and extremely disruptive. We continue to rely on an inherently insecure internet […]
Incident Response Blog: Cyber Incidents in Ukraine
As Russian forces take military action in Ukraine, cybersecurity companies are reporting various cyber attacks targeting organizations within Ukraine, such as government agencies and critical infrastructure companies, and organizations outside of the country that provide services to Ukraine. Additionally, the U.S. [...]