Cybersecurity groups pledge to work together
The three groups want to join forces to combat malicious software
IDG News Service - Three cybersecurity groups want to create a network of organizations and people focused on securing the Internet in an effort to combat malicious software.
The Anti-Spyware Coalition (ASC), the National Cyber Security Alliance and StopBadware.org rolled out a new program Tuesday called the Chain of Trust. The Chain of Trust Initiative will attempt to link together security vendors, researchers, government agencies, Internet-based companies, network providers and education groups in a united front against malware.
The U.S. government needs stronger partnerships with the private sector to identify criminals and stop attacks, said Shawn Henry, assistant director of the Cyber Division at the U.S. Federal Bureau of Investigation.
"We have to get intelligence information about the attacks in order for us to go and mediate them," Henry said at an ASC workshop in Washington, D.C.
In addition, the FBI helps private companies by sharing the information it has on attackers or methods, he added. "If we can identify specific signatures, if we can identify new attack vectors the adversaries are using, if we can get that intelligence out to the private sector, there's great value there," he said.
Attacks from three types of organized sources -- foreign intelligence agencies, terrorist sympathizers and organized crime -- are growing rapidly, Henry said. Asked how fast those types of attacks are growing, Henry declined to give solid numbers. "The trend is way up, and it's a steep increase," he added.
The goal of the Chain of Trust program is to create a united approach to fighting malware, said Ari Schwartz, ASC's coordinator and vice president at the Center for Democracy and Technology.
"Strong security in any one organization or sector is not enough to combat an agile, fast-evolving threat like malware, which exploits security breakdowns between entities," Schwartz said. "We all need to work together to build a system that can withstand and repel the next generation of exploits."
ASC, started four years ago, organized the larger Internet community to protest harmful nuisance adware, sometimes supported by legitimate advertising and venture capital groups, Schwartz noted. The united pressure has driven all the major nuisance adware companies out of business, he said.
The pressure made the nuisance adware vendors "have to decide whether to become legitimate players in the marketplace ... or go completely to the dark side and not be able to take that kind of mainstream funding," Schwartz said.
The first effort of the Chain of Trust Initiative will be to map the network of organizations and people that are working on cybersecurity, the groups said. The initiative will also focus on identifying vulnerabilities within the chain and on developing consensus solutions to cybersecurity problems.
The initiative plans to issue a paper with initial recommendations in the next six months.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts