Check Point, Cisco Join Cyber Threat Alliance

Written by

The Cyber Threat Alliance (CTA) has added Check Point Software Technologies and Cisco as alliance founding members.

It also has appointed Michael Daniel as the organization’s first president, and announced its formal incorporation as a not-for-profit entity.

The existing founding members are Fortinet, Intel Security, Palo Alto Networks and Symantec. Together, the six founding Members have contributed to the group’s first project: The development of a new, automated threat intelligence sharing platform to exchange actionable threat data, further driving the CTA’s founding mission of fomenting a coordinated effort against cyber-adversaries.

The CTA’s corporate purpose as a not-for-profit is to share threat information across member organizations and protect customers; to advance the cybersecurity of critical IT infrastructures; and to increase the security, availability, integrity and efficiency of information systems.

In addition to expanding its founding members, the CTA’s affiliate members, include IntSights, Rapid7 and RSA, who join existing members Eleven Paths and ReversingLabs.

Since its inception in 2014, the CTA has regularly exchanged information on botnets, mobile threats and indicators of compromise (IoCs) related to advanced persistent threats (APTs), and advanced malware samples. Notable milestones of the CTA’s cooperative efforts cracked the code on CryptoWall version 3, one of the most lucrative ransomware families in the world, totaling more than US $325 million ransomed. The CTA’s research and findings pushed cybercriminals to develop CryptoWall version 4, which the CTA also uncovered and resulted in a much less successful attack.

The CTA platform automates information-sharing in near real-time to solve the problems of isolated and manual approaches to threat intelligence. The platform better organizes and structures threat information into Adversary Playbooks, pulling everything related to a specific attack campaign together in one place to increase the contextual value, quality and usability of the data. This approach turns abstract threat intelligence into actionable real-world protections, enabling members to speed up information analysis and deployment of the intelligence into their respective products.

To foster continued collaboration and incentivize meaningful threat data, the new CTA platform requires members to automate their intelligence sharing contributions, meet a minimum contribution every day, and rewards contextualized, unique intelligence. Members will eventually be rewarded with greater levels of access based on the value and volume of the information they have contributed.

"The future of cyber security is here. The CTA collaboration will enable us to accelerate the pace of innovation as we work to protect the cloud, mobile and provide the best means for advanced threat prevention,” said Gil Shwed, founder and CEO, Check Point.

What’s hot on Infosecurity Magazine?