Additional information
Source: Web-site of vendorThe project has been delivered on schedule
The budget has not been exceeded
Functionality complies with task
The project has been delivered on schedule
The budget has not been exceeded
Functionality complies with task
A Cyber Threat Response Organization consisting of public and private sector members chose ThreatConnect’s Information Sharing and Analysis Organization (ISAO) and Information Sharing and Analysis Center (ISAC) edition to facilitate the sharing of important cyber threat information amongst its membership.
About the Organization. The Organization was designed to bring together Chief Information Officers, Chief Information Security Officers and their threat analysis teams, from public sector and small to large private
sector organizations located in the same U.S. state, to effectively analyze critical, real-time intelligence and respond to emerging cyber threats. The goal was to give cross-industry group members the opportunity to better protect their assets, state critical infrastructure, and key resources from across the state.
The Problem: No Way to Safely Collect and Share Cyber Threat Information. The Cyber Threat Response Organization set out to find a solution to share important threat data with its membership. Due to the complexity and confidential nature of cyber threats, the Organization established a list of requirements that needed to be met prior to service selection.
How ThreatConnect Solved the Problem
ThreatConnect’s ISAO/ISAC edition allowed the Cyber Threat Response Organization to provide a single Threat Intelligence Platform (TIP) for their membership to aggregate their threat data, analyze a complex set of indicators, and take corrective action against their adversaries. Members are able to maximize the value of their existing adversary knowledge. Using the various monitoring and alerting features for domain names, and Whois Registrations, members are able to automatically track and be alerted to new adversary actions, rather than having to manually search for them. Once alerted, the member has the ability to act on the community-based intelligence into their network defense products.
Main Benefits of ThreatConnect
ThreatConnect allows the community members to pool their threat intelligence and their resources. Community members are seeing an improvement in the protection of their assets, key resources, and state critical infrastructure. ThreatConnect provided the ability to focus on bringing in intelligence that mattered to their state from multiple sources; automated tracking of adversary infrastructure, allowed contributions from their state community peers, and research contributed by ThreatConnect. This has allowed the membership to take a proactive stance against different adversaries; now having broad detection in place before they were targeted.
Manage Risks
Ensure Security and Business Continuity
Risk or Leaks of confidential information
No control over the state of communication channels
Risk of attacks by hackers
Risk of data loss or damage