Story image

Cloud Security Alliance establishes threat sharing scheme

25 Sep 2015

Collaboration between vendors and businesses is a crucial part of ensuring attack reports are up-to-the-minute and provide specific information about threats.

To aid this, the US-based Cloud Security Alliance (CSA) is proposing to set up a scheme that will enable organisations to anonymously report data breaches, in the interests of enabling others to take steps to prevent them becoming victims of similar attacks.

The CSA has set out its proposals in a new white paper ‘The Mandate for Meaningful Cyber Incident Sharing for the Cloud’.

In the white paper, CSA says, “A major impediment to protecting information assets in an enterprise is the unwillingness and/or inability to share cyber security incident information.

“Fear of public exposure and resulting legal ramifications has caused organisations to withhold critical attack signatures that could have impeded or even prevented several of the industry’s most notable breaches.”

It adds: “Enterprises and cloud providers […] all have a distinct need to understand the types of incidents that peers and technology partners are experiencing, so that they can better protect themselves and their customers.

“For cloud providers, which play a unique and central role in the IT infrastructure, the challenge is especially acute given the potential widespread implications of a successful attack.”

CSA provides a telling example: immediately after the now notorious attack on Target, 18 other companies were attacked using the same methods.

The speed with which this happened was the result of cyber criminals having very effective information sharing networks, unlike enterprises, the CSA says.

“Once an exploit is shown to be effective, or a zero-day vulnerability discovered, it is often quickly disseminated via a number of underground channels and rapidly used by a variety of bad actors against a large number of potential targets,” the CSA says.

To enable the anonymous sharing of information, and swift action based on the intelligence provided, the CSA is proposing the development of a Cloud Cyber Incident Sharing Centre (CISC).

“Once an incident report is shared, the Cloud-CISC platform’s unique algorithms provide near-real-time correlation with reports supplied by other vetted members.

“If similarities are discovered, members can be alerted and provided with the related reports that contain additional attack indicators, valuable context and mitigation advice,” says CSA.

It has set out a four stage process aimed at bringing this vision to reality.

  1. Establish a small steering committee (8-10 people) with representation from both cloud providers and cloud customers.
  2. Provision steering committee members to access the Cloud-CISC platform, giving each the ability to transmit and access incident reports.
  3. Over a 90-day period, evaluate the Cloud-CISC platform and make recommendations for improvements and modifications.
  4. Develop a charter and standard operating procedure for the CISC following the conclusion of the 90-day evaluation period.

Vic Cinc, Axelera CEO, says, “If such a scheme could be developed and implemented, with adequate safeguards, it would give a huge boost to the cloud computing industry’s defences against cyber criminals.”

How Red Hat aims to accelerate business value with container technologies
Red Hat announced that leading global companies are creating, extending and deploying integration services across hybrid and multicloud environments using agile integration architectures based on Red Hat technologies.
IT employers having to up salaries and bonuses to attract talent
As the modern economy relies increasingly on data, it’s certainly a good time to be working in IT.
Red Hat expands integration product capabilities
Adds end-to-end API lifecycle support and new capabilities for agile integration across hybrid architectures.
Electric car infrastructure needs to be a high priority
“Australians should be able to drive all over this massive nation with complete confidence in a zero-emission vehicle.”
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
BMC adds IBM Cloud, Watson to Helix solution
BMC Helix with IBM Watson delivers cognitive insights across structured and unstructured federated knowledgebases.
Hyundai works with IBM to create a new blockchain-based platform
The network for commercial financing will supposedly provide participants with a single view of all the transactions happening in the network.
Why businesses should invest in energy automation
In industrial applications digital transformation allows businesses to do more with less.