Download presentation
Presentation is loading. Please wait.
Published byBryan Lewis Modified over 8 years ago
1
TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we used when we created them.” -Albert Einstein
2
TruSTAR Sensitive & Proprietary Our adversaries are winning 2
3
TruSTAR Sensitive & Proprietary ‹#› TruSTAR Sensitive & Proprietary Adversaries share vulnerabilities and exploits 75% of enterprise attacks spread from the first company to the next within 24 hours. -2015 Verizon DBIR Median number of days threats are present on a victims network prior to detection is 205 days. -2015 Verizon DBIR Attacks spread from one company to the next in a matter of hours and remain undetected for months. 4 Attacks are increasingly well coordinated
4
TruSTAR Sensitive & Proprietary ‹#› TruSTAR Sensitive & Proprietary..yet defenders largely work on their own The most valuable information in cybersecurity is data about attacks that have already happened or are in progress. But companies rarely exchange it The most valuable information in cybersecurity is data about attacks that have already happened or are in progress. But companies rarely exchange it 5
5
TruSTAR Sensitive & Proprietary Companies do not share information early or often enough because of key market risk Attribution and business risks slow cyber information sharing across companies. Legal Concerns over disclosing Personally Identifiable Information, IP and discovery. Market Concerns over brand reputation and financial implications of disclosing a breach. Government Concerns over anti-trust violations and/or being seen as in bed with government. "Cyber-criminals are 10 steps ahead of us because they share vulnerability data and exploits and collaborate to carry out malicious acts. We must ask ourselves: why aren’t we doing the same when it comes to our defenses?” -- Richard Clarke, former U.S. National Coordinator for Security, Infrastructure Protection and Counter-terrorism 6
6
TruSTAR Sensitive & Proprietary Enter Uncle Sam…. (Is this really a good thing?)
7
TruSTAR Sensitive & Proprietary U.S. Cybersecurity Act of 2015 7 Enables companies to voluntarily share cyber threat indicators and defensive measures with each other without fear of liability or anti-trust complications
8
TruSTAR Sensitive & Proprietary What does the Act do? Definitions 8
9
TruSTAR Sensitive & Proprietary What does the Act do? Liability Relief 9
10
TruSTAR Sensitive & Proprietary What does the Act do? Anti-trust Exemption 10
11
TruSTAR Sensitive & Proprietary Data you can exchange 11
12
TruSTAR Sensitive & Proprietary Data you can’t exchange The law specifically excludes the sharing of the following types of information from its protections. ☒ Personally Identifiable Information (PII) ☒ Names of Corporate Officers ☒ Email Content (in most cases) 12
13
TruSTAR Sensitive & Proprietary So what can you do starting today? Leverage the Act Begin to exchange data and collaborate 13
14
TruSTAR Sensitive & Proprietary Cloud-CISC: Characteristics of Effective Information Sharing… 14
15
TruSTAR Sensitive & Proprietary Cloud-CISC: Characteristics of Effective Information Sharing… 15
16
TruSTAR Sensitive & Proprietary Quick Demo
17
TruSTAR Sensitive & Proprietary Next Steps Rackspace and others are sharing incident data TODAY. We are accepting new members now. Interested in joining? Contact pcoughlin@trustar.copcoughlin@trustar.co 17
18
TruSTAR Sensitive & Proprietary Thank you! “We cannot solve problems with the same thinking we used when we created them.” -Albert Einstein
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.