An Ongoing Blog Series Highlighting ThreatBlockr’s Best-In-Class Threat Intelligence
In our previous blog, we talked about the importance of Using Multi-Source Threat Intelligence to Strengthen Network Security. One critical source is industry-specific threat intelligence. With attackers commonly launching industry-specific attacks, having visibility into threats targeting your industry is critical to cyber defense. In this blog, we will take a look at industry sharing and how the ThreatBlockr platform makes it simple for you to deploy industry-specific threat intelligence to protect your network.
Industry Sharing Communities (ISACs/ISAOs)
First established in 1999 by presidential directive, Information Sharing and Analysis Centers (ISACs) and Information Sharing and Analysis Organizations (ISAOs) represent industry-specific communities of interest whose members voluntarily share cyber threat intelligence with each other. A good analogy for an ISAC/ISAO is the neighborhood watch model. In a neighborhood watch group, communities build trust, and share information and best practices with each other to increase their individual and collective security. All neighborhood watches share a foundational idea that bringing communities together promotes an increased quality of life and reduces crime.
An ISAC/ISAO serves the same purpose, connecting your business to a larger community, which may be in the same industry or region, to proactively share information on cyber threats and incidents, as well as best practices. ISACs/ISAOs collect, analyze, and disseminate actionable threat information to their members and provide tools, such as threat feeds, to mitigate risks and enhance resiliency.
With threat actors commonly launching industry-focused campaigns, industry sharing communities provide a collective approach to cyber defense allowing members to increase their visibility into industry-specific threats and improve their ability to prevent, detect, and respond to threats. The overall effect shares a foundational idea neighborhood watch group – that through these community efforts the quality of each member’s condition improves, and cybercrimes can be prevented.
Today, there are a plethora of ISACs/ISAOs that span industry, state, national, and international communities. While they operate individually, most work together under the same directive, providing cross-sharing of information for the greater good of cybersecurity. There are also efforts by organizations like Global Resilience Federation to facilitate the sharing of threat intelligence between ISACs/ISAOs.
With the list of ISAC/ISAOs long and growing, we wanted to highlight a few of the most common ones we run into among our customers.
- E-ISAC: Operated by the U.S. Department of Energy, E-ISAC provides threat intelligence sharing for the energy industry.
- FS-ISAC: With over 7,000 members, FS-ISAC is one of the largest (if not the largest!) industry sharing communities.
- H-ISAC: A global, non-profit, member-driven organization providing threat intelligence sharing for the healthcare and public health sectors.
- LS-ISAO: A member-driven community that shares actionable cyberthreat and systems vulnerability information among law firms for their mutual defense.
- MS-ISAC: Funded by the U.S. Department of Homeland Security and operated by Center for Internet Security (CIS), MS-ISAC is an industry sharing community for state, local, tribal, and territorial governments. CIS also operates the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), which is specifically targeted at the election community.
- REN-ISAC: The Research and Education Networks Information Sharing and Analysis Center serves over 650 member institutions within the higher education and research community.
While these are some of the more well established industry and community sharing organizations, there are also some newer efforts, we wanted to highlight. These include:
- K12 Six: K12 Six, operated by Global Resilience Federation, is a new threat intelligence sharing community specifically focused on kindergarten through twelfth grade schools.
- OK-ISAC: Recently launched by the State of Oklahoma, the goal of OK-ISAC is to mitigate cybersecurity risks across Oklahoma by providing real-time monitoring, vulnerability identification, incident response and threat intelligence to its members and partners
- Texas Bankers Association (TBA): TBA operates a threat intelligence sharing community for member banks.
How ThreatBlockr Works with Industry Threat Intelligence
Since we know you’ve been reading our other blogs, you probably are already aware that one of the core focus areas at ThreatBlockr is to provide an open platform that allows you to deploy threat intelligence from multiple sources to protect your network. Clearly, industry threat intelligence is a critical source.
The ThreatBlockr platform makes it simple for users that are members of ISACs/ISAOs to integrate and take action with industry threat intelligence in real-time. As you can see in the below example, it just takes a few clicks to create an automated denied list based on industry-specific threat intelligence.
At ThreatBlockr, we are constantly expanding our integrations with ISACs/ISAOs and other sources of industry-specific threat intelligence. If there is a source we don’t currently integrate with that you would like to see just let us know!
When it comes to threat intelligence ThreatBlockr is all about allowing you to use best-in-class threat intelligence to secure your networks, data and users in real-time – wherever they are – on-prem, cloud, remote, or all of the above. This best-in-class comes from multiple sources including the threat intelligence data we provide “out of the box” as well as the many ways we make it easy for you to integrate threat intelligence from any source in real time.
In our coming blogs, we will take a closer look at partner integrations with a specific focus on Threat Intelligence Platforms.
If you are interested in learning more about how organizations are using ThreatBlockr to make threat intelligence actionable in a simple and scalable way join us for our upcoming webinar – Making Threat Actionable for Financial Services. We promise you don’t have to be a financial services organization to get value out of this webinar!
- If you are a current customer and have any questions, feel free to reach out to our customer support team at firstname.lastname@example.org
- If you’d like to learn more about ThreatBlockr platform integrations, visit the Integrations tab on www.threatblockr.com
- If you’d like to get started with ThreatBlockr platform today, contact email@example.com