As part of its mission to disrupt malicious cyber activity strategically and to raise the level of cybersecurity across the digital ecosystem, CTA collaborates with a broad range of organizations that are ineligible for membership, as well as individual thought leaders.
Types of Partnerships
CTA’s partnerships fall into three general categories: formal partnerships, including our Contributing Allies, ad-hoc partnerships, and relations with individual ‘CTA Champions.’
Although all such arrangements are uniquely tailored to ensure maximum benefits for both parties, CTA’s formal partnerships tend to be broad and ongoing in nature. They typically involve cooperation across one or more of the following areas of mutual interest:
- Contributing and receiving threat intelligence on a periodic basis through human-to-human interaction
- Coordinating and sharing information during cybersecurity emergencies
- Collaborating on the planning of cybersecurity incident simulations and exercises
- Conferring on policy issues and positions
CTA’s ad-hoc partnerships are more specific, typically focusing on particular areas of mutual interest (e.g., cybersecurity research, advocacy, etc.) In addition, CTA maintains good relations with a number of individual ‘CTA Champions’ from industry, academia, and beyond who are passionate advocates for CTA’s mission and goals.
Unlike CTA members, our partners do not participate in governing CTA, setting CTA’s operational agenda, or establishing CTA’s policy / advocacy positions. However, like our members, they must also meet a set of objective criteria to ensure that they uphold CTA’s integrity and reputation:
- Not creating undue security risks for CTA or our members
- Respecting the rule of law, including international law as applied to cyberspace
- Upholding widely agreed-upon norms of behavior in cyberspace
- Not being listed on the United Nations Security Council Consolidated List or the United States Treasury Department’s Office of Foreign Assets Control Sanctions List
- For governments, agreeing to conduct their relationship with CTA through a network defense organization, such as an authoritative national CERT or CSIRT