Written by Joe Chen, VP of Engineering, Broadcom
Five years ago, Symantec, now an enterprise division of Broadcom, proudly became a founding member of the Cyber Threat Alliance as a not-for-profit organization. CTA was founded with the mission to share threat information and better protect the mutual customers of our members. It is important to view CTA objectively, even as a founding member, so each year, we evaluate our CTA membership. We ask ourselves: Are our customers receiving faster protections? Are we as CTA deploying protections to all control points for our shared customers?
What was a vision is now a reality. In the nearly two years since the pandemic began, we were happy to see CTA gained ten members. CTA members are international and represent different industries. Each member brings a unique perspective and context to their threat intelligence. As CTA members, we get access to over 1 million indicators of compromise with context per week through the Magellan platform. What each member does with the intelligence is up to them. This is a sticking point for CTA; a benefit not easily replicated on the outside.
Along with the automated sharing platform, we value the vast human-speed sharing that takes place. CTA’s unique early sharing program enables members early access to research from other members. This allows members to check and add protections before the rest of the industry even sees the research. When customers ask us about newly published research, we can truthfully tell them we have already seen it and have protections. At Symantec we make a goal to share all of our research with CTA before publication.
Regular sharing and collaboration builds trust. In July 2021, a ransomware campaign targeting Kaseya’s VSA product was discovered. Threat researchers and analysts from CTA members sprung into action, joining calls to share ideas, and exchanging research and threat indicators. You would have never known this was a group of direct competitors working together.
Over the past five years, we continue to see that the sharing that happens in CTA benefits us, our fellow members, but most importantly, it benefits our shared customers against cyber actors. Our customers expect us to work together so their systems run seamlessly. At Symantec, we are proud to share our research and intelligence with CTA for the greater good, and we are happy with the intelligence we receive in return. In the next five years, my hope is that CTA continues to grow and other members of the cybersecurity industry join us in realizing these benefits. Happy anniversary, CTA!
Author: Joe Chen, Broadcom
CTA Webinar – The Cyber Threat Landscape: 2021 Was a Hell of a Ride – 2022 Isn’t Shaping Up Any Better
Join CTA and Radware as Neil, Daniel, and Pascal discuss the most [...]
Cultivating a Diverse Cybersecurity Workforce
Cyberattacks continue to increase in prevalence and impact and recent cyber incidents have brought a wake-up call that we must invest in training and hiring in the cybersecurity field. Because nearly every aspect of society depends on the digital infrastructure, cyberattacks are costly and extremely disruptive. We continue to rely on an inherently insecure internet […]
Incident Response Blog: Cyber Incidents in Ukraine
As Russian forces take military action in Ukraine, cybersecurity companies are reporting various cyber attacks targeting organizations within Ukraine, such as government agencies and critical infrastructure companies, and organizations outside of the country that provide services to Ukraine. Additionally, the U.S. [...]