Threat Intelligence & Incident Response

Cyware Launches ISAC-to-ISAC Operational Collaboration Initiative

New automated sharing capability will benefit more than 10,000 organizations from major industry sectors with highly enriched, actionable, and contextual threat intelligence

Cyware, the industry’s leading provider of the technology platform to build Cyber Fusion Centers for enterprises and threat intelligence sharing for ISACs and ISAOs, has expanded its technology offering to build the Industry’s first multi-sectoral operational collaboration network by enabling automated cross-sectoral threat intelligence sharing between information sharing communities (ISACs).

Historically, threat intelligence sharing between industry sectors has been limited and never completed at this scale where sectors including healthcare, space, energy and natural gas, retail, manufacturing, operations technology, legal services, education, and maritime transportation have joined hands to share malware and vulnerability advisories as well as Indicators of Compromise (IOCs) and threat mitigation strategies with each other in real-time. The initiative will enable organizations in one sector to learn from threats seen by organizations in other sectors and proactively take necessary mitigation measures and defend against common threats.

The launch of this ISAC-led operational collaboration initiative comes at a time when the cyber threat landscape is witnessing a massive escalation in high-impact cyberattacks targeting critical infrastructure entities globally. As per the report by the US-CERT, in 2021, “the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) observed incidents involving ransomware against 14 of the 16 U.S critical infrastructure sectors.” In May 2021, President Biden signed an Executive Order on Cybersecurity underscoring the need for removing barriers to information sharing between public and private enterprises.

Speaking on the launch, Errol Weiss, the Chief Security Officer at Health-ISAC said, “At Health-ISAC, we have been using Cyware’s solutions for sharing intelligence as well as valuable threat mitigation strategies with our members in real-time to collectively reduce the risk of potential attacks and enhance the resilience of existing cyber defenses. Now, using the new automated ISAC-to-ISAC cross-sector sharing solution by Cyware, we are able to work with other ISACs to leverage each other’s expertise in countering threats proactively. The collaboration is paving the way for each ISAC to ensure that their industry benefits from the common ground gained through this collective defense ecosystem.”

“Our partnership with Cyware started in 2020 and is our go-to resource to ensure all Space ISAC members have access to the most up to date information about the threats facing space systems. We believe that having a truly operational collaboration is the only way we will raise the security posture for the space sector, and we will see this come to fruition in our future Space ISAC Watch Center,” said Erin Miller, Executive Director of Space ISAC.

“The DNG ISAC has already received positive feedback from its participants on shares from other ISACs as part of the new ISAC to ISAC sharing feature. It was so easy to set up yet secure and configurable. With this new operational collaboration initiative by Cyware, our members are increasingly benefitting from the synergies we have developed with other ISACs and their members in proactively identifying threats and sharing mitigation strategies,” said Jim Linn, CIO of American Gas Association.

“Information sharing communities form the keystone of cross-sectoral operational collaboration between ISAC member organizations who have been facing the brunt of the uptick in nation-state adversary activity. The newly launched capability is the logical extension of our threat sharing and response capabilities that are already being leveraged by our ISAC partners to create shared situational awareness and operational collaboration with over 10,000 of their member organizations,” said Anuj Goel, CEO, Cyware.

Cyware brings together historically siloed security operations, allowing organizations to share threat data more efficiently, and collaborate on threat response within their security functions as well as with other organizations within their network. Earlier in 2021, Cyware launched a wide range of threat sharing solutions including CTIX Spoke and CTIX Lite to enable ISAC and ISAO members with small security teams to automatically ingest, enrich, and take actions on the threat intelligence shared by their sharing communities to enable closer collaboration against threats.

Cyware’s threat sharing solutions for ISACs, ISAOs, and their members include:

For ISACs (Hubs)

  • Cyware Threat Intelligence eXchange (CTIX) Enterprise: CTIX is an enterprise threat intelligence platform that enables ISACs to automatically ingest, enrich, analyze, and share threat data with their member organizations. Through CTIX Enterprise, ISACs can deploy an automated end-to-end and bidirectional sharing solution with their members.
  • Cyware Situational Awareness Platform (CSAP): CSAP is a real time collaboration and situational awareness platform that automates malware and vulnerability advisories aggregation, storage, and sharing capabilities for ISACs. The platform also enables threat mitigation collaboration between security teams across organizations and industry sectors.

For Members Organizations

  • CTIX Lite: CTIX Lite is Cyware’s threat intelligence platform (TIP) designed for mid-market ISAC members that require pre-configured threat intelligence feeds, enrichment, and automation capabilities. Using CTIX-Lite, ISAC members can automatically ingest as well as share threat intelligence back with their ISACs.

Additional solutions available for ISAC members include:

  • MISP Data Sharing: ISACs and member organizations using MISP can easily share threat intelligence bi-directionally through an out-of-the-box connector available in CTIX.
  • Cyware TAXII Client: This is an open-source TAXII client that empowers ISAC members who do not have a threat intelligence platform to access shared threat intelligence. Members can leverage Cyware’s out-of-the-box Python library to share intelligence with ISACs.
  • Cyware Threat Crawler: ISACs and their members leveraging CTIX can create and share threat intelligence pulled from the web easily, resulting in the automatic enrichment of threat intelligence to deliver unprecedented context.
  • Threat Mailbox: For ISACs and member organizations who prefer threat intelligence sharing and consumption over email, Threat Mailbox is a feature that allows them to configure email through CTIX. Intel that is sent to a Threat Mailbox is parsed and identified using machine learning and advanced natural language processing to ingest intelligence automatically within CTIX.
  • Free Open-Source Utilities: Cyware delivers a set of open-source utilities that help analysts convert unstructured threat data into STIX. Organizations can also identify objects for further sharing of data.

To learn more about how Cyware enables holistic threat sharing and collective defense, visit cyware.com.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

InQuest integrates with ThreatConnect to elevate threat intelligence

Business Wire

ESET adds New Rebates & Benefits to 2024 Partner Connect Program

PR Newswire

Mimecast Announces Acquisition of Code42

GlobeNewswire