Threat information sharing is beneficial to businesses for several reasons. It makes retailers aware of emerging security threats. Becoming aware of threats other businesses have encountered allows them to better prepare themselves against the same type of threats. By working together companies are helping to eliminate these threats from becoming more widespread. This unity prevents attackers from achieving the goal they set out to reach.
To create a trusted communication point for retailers to share threat information, collaboration was needed. In June 2014, the National Retail Federation established "a Retail Information Sharing and Analysis Center (ISAC), which includes participants from the Department of Homeland Security and the Secret Service, which investigates large-scale credit and debit card breaches" (Westervelt, 2014). This will be a good platform for threat information sharing, but initially it will take time for trust to be established amongst the retailers.
In order for retailers to be better prepared to respond to threats they must establish better incident response plans as well as regularly testing them. This will not only help retailers with their threat mitigation and response, but it will also help other retails to develop better response plans as well. Some retailers may not have the correct tools to properly identify the threats that are occurring. The ISAC may also provide a good resource for retailers to relay the correct and necessary tools that others should be using to properly detect threats. This is because those involved in ISAC will have built a relationship of trust amongst one another.
While this is a step in the right direction, it does not eliminate all of the potential problems that currently exist with threat information sharing between public and private sectors. Often private sectors are at an advantage because they are more financially secure and can afford the necessary tools to detect the threats. To provide better threat information sharing automation is needed. MITRE Corporation is a nonprofit organization that is working on Structure Threat Information eXpression (STIX). STIX is a standardized language that represents structured cyberthreat information, which allows security incidents to be properly described in a formal manner that creates a better resource for threat sharing. It does seem that with enough cooperation threat information sharing will become extremely beneficial to those involved.
Westervelt, R. (2014, July 3). The Rise of Threat
Intelligence Sharing. Retrieved July 4, 2014, from CRN:
http://www.crn.com/news/security/300073317/the-rise-of-threat-intelligence-sharing.htm
No comments:
Post a Comment