Written by Matt Watchinski, VP, Global Threat Intelligence Group, Talos, Cisco
Cisco Talos sets out every day to make the internet a safer place.
But we can’t always fight the good fight alone.
That’s why we are so proud of what we’ve accomplished with the Cyber Threat Alliance, which turns 5 years old today. We set out to co-create the CTA five years ago so that the largest cybersecurity companies in the world could coordinate and share vital information that can protect users across the globe.
The CTA allows us to share our intelligence ahead of publishing time — through automated means and early copies of security research — so that other organizations can craft detection and prevention for their customers, and vice-versa. This allows all of us to create a safer cyber space for all.
For example, when Talos researchers discovered that attackers were exploiting some well-known vulnerabilities in Microsoft Exchange Server to deliver the Babuk ransomware, we used the CTA to share our research with partners before we went public with that information. That gave other security company members like Palo Alto, Checkpoint and Fortinet time to process our research and make sure their customers were protected.
That way, they were a step ahead of the bad guys by the time we made our research public, and the attack surface for bad actors became that much smaller.
The same goes for Talos detection — when we receive intelligence via the CTA, we craft detection for Cisco Secure products and solutions so when partner companies publish their research our customers are already protected.
Outside of company security research, the CTA also offers member companies access to intelligence from U.S. government agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and other Information Sharing and Analysis Centers (ISACs) that may never make it out for public consumption.
We started the CTA with just a handful of partners. Today, there are 34 member organizations, who all share the same goal of protecting users everywhere and we continue to recruit additional members. While we all may be competitors at some level, what we have built over the last five years is an amazing amount of trust in the industry. Security isn’t an individual effort — it’s a team sport, and you must trust the person next to you to be an effective team.
The CTA is also an outspoken proponent of global, coordinated response to cyber threats. As we wrote in a blog post earlier this year regarding ransomware attacks, “Both governments and the private sector will have many challenging moments as we move to combat these threats. Now more than ever, wisdom and level heads are needed to find the appropriate levers of government and the private sector, and to apply those levers effectively against the threat.” That is something we strive for every day with our CTA members in partnership with federal and global government agencies.
Talos is proud to continuously support the CTA and its information-sharing programs. If your organization is interested in becoming a member, visit https://www.cyberthreatalliance.org/membership.
Author: Cyber Threat Alliance
CTA Webinar – The NTT Security Holdings 2022 Global Threat Intelligence Report: A year of more sophisticated and substantial threats
Join CTA and NTT Security Holdings as we discuss the trends and insights from NTT’s 2022 Global Threat Intelligence Report. NTT’s Global Threat Intelligence Centre analysed security data across industries and to distil the key trends from attacks, malware, targeted technologies, and the resulting impact on various industries. NTT continues to [...]
CTA Board of Directors Spotlight: Matt Watchinski, Cisco
CTA Board of Directors Spotlight: Matt Watchinski, Vice President of Cisco Talos What inspired you to be a part of founding CTA? The ability to get all the security companies that had a similar security vision in the same place talking about the same problems. The truly important part we [...]