ThreatConnect Platform leverages its community-driven sharing and analysis capabilities to enrich sophisticated threats discovered and mitigated in network defense systems using the Structured Threat Information eXpression (STIX) Language
SAN JOSE, Calif.–(BUSINESS WIRE)–As part of the TM Forum Digital Disruption Conference, October 28-31 at the San Jose McEnery Convention Center in San Jose, California, ThreatConnect announced the launch of a prototype that connects commercial security products with advanced threat intelligence through an open source standard known as the Structured Threat Information eXpression (STIX), created by The Mitre Corporation. This effort was a key outcome of the TM Forum Cyber Threat Intelligence (“CTI”) Sharing Catalyst, which included leading telecommunications organizations and security vendors at the forefront of advanced threat protection.
The prototype allows security analysts to construct the details of their incident, specify relevant indicators and attributes within ThreatConnect, and transmit that information in the STIX format through an API to network defense systems. Participants from the catalyst group include ThreatConnect (a division of Cyber Squared Inc.), Symantec Corporation, RSA (a division of EMC), cVidya Networks Inc., and Edge Technologies. The prototype will be demonstrated at the conference to show how leveraging community-sourced threat intelligence can accelerate defenses and mitigate a distributed denial-of-service of attack (DDoS), limiting or preventing the damage done. According to Adam Vincent, CEO of Cyber Squared Inc., “The prototype demonstrates the power that commercial products can provide against advanced attacks when linked together and enriched by community collaboration. We are working in a more collaborative fashion, similar to our adversaries, by recognizing that we all benefit when we combine our strengths and knowledge into actionable intelligence.”
Another key outcome of the CTI Sharing Catalyst, which will be presented at the conference, is a groundbreaking Return on Investment (ROI) Calculator that builds a strong business case for threat intelligence platforms and threat sharing. Initially, the ROI Calculator estimates internal efficiencies and savings of using a threat intelligence platform as part of common security processes. The calculator allows organizations to input information about their own internal security workflow and processes. Users can see the benefits of applying cyber threat intelligence to each task in their workflow and determine operational savings unique to their organization. Secondly, the calculator includes a section for estimating the cost of a potential intrusion. Assumptions for this part of the calculator are based on data previously published by RSA regarding their 2011 intrusion and the 2010 Annual Cost of Data Breach study from Symantec. Based on the published data, organizations can understand the potential cost of an intrusion from a percentage of revenue and/or number of records compromised perspective.
In addition to the companies sharing data in the Catalyst’s live demonstration, the CTI Sharing Catalyst involved a focused number of influential participants including AT&T, Bell Canada, Birmingham City University, MITRE, Orange, Security Fabric Alliance, Telecom New Zealand, Telstra, and the UK MOD’s Defence Science and Technology Laboratory (DSTL). Detailed presentations will demonstrate the prototype and the calculator throughout the Digital Disruption event.
About ThreatConnect
ThreatConnect, a division of Cyber Squared Inc., provides the most advanced, collaborative threat intelligence platform combining threat data collection, analysis, collaboration, and expertise into a single platform. Designed by top security analysts but employable by anyone, ThreatConnect enables the security community to develop a more complete understanding of threats targeting their organizations. Better understanding of the threat landscape means better understanding of cyber risks and informed planning and decision-making. More than 1000 users and organizations worldwide across industries, and ranging in size from the small business through the enterprise, leverage the power of ThreatConnect every day to detect, characterize, and counter targeted cyber attacks. The ThreatConnect Community can be accessed by visiting www.threatconnect.com.
About TM Forum
With over 900 member companies, TM Forum is the largest global trade association focused on bringing together the digital ecosystem, including communication service providers, digital service providers and enterprises, with the goal of enabling an open digital world. The Forum delivers a wealth of knowledge and practical tools, including unique research, best practices and standards. Our members collaborate to rapidly solve business issues in critical areas, such as business process optimization, big data analytics, cloud management, customer experience management and security.
The Forum has four key roles–to Inform, Innovate, Accelerate and Optimize–and provides a neutral and open platform for collaboration between service providers, enterprises and their suppliers to overcome the barriers to an open digital economy. For more information about TM Forum, visit www.tmforum.org.