Real-time cyber threat information sharing: new platform from ServiceNow
This year, ServiceNow unveiled the Trusted Security Circles cloud platform. It helps fight cyber threats by exchanging information between companies and security experts.
/ Flickr / wikimedia commons / cc
Together with the new release of Jakarta, the ServiceNow platform offered enterprises the opportunity to share and receive relevant information about threats in real time. Usually, in the fight against cyber-attacks, security officers of individual companies were left alone with the threat, but now they can request data from suppliers and partners. With the help of Trusted Security Circles, organizations control how and with whom they share their data.
')
Information about cyber threats often does not spread further to the affected company due to possible reputational losses. Not all businesses are willing to recognize security vulnerabilities, so Trusted Security Circles allows you to share information anonymously. As explained by ServiceNow user Susan Smith (Suzanne Smith), in the privacy mode, companies can choose to receive information about threats from their colleagues in a particular industry or on a location basis. This is how peculiar “circles of awareness” are formed.
When a security team sees suspicious activity on its network, it can form a request within a specific community. If the number of such requests exceeds the set threshold, the incident is automatically redirected to ServiceNow Security Operations, the internal threat response service, which can speed up the response.
Thus, the new technology allows ServiceNow user organizations to stay abreast of upcoming attacks and arm themselves with the necessary information coming from colleagues.
ServiceNow Vice President Sean Convery (Sean Convery) in August, said that the company's main cyber security tool is a single platform that involves integration with third-party security service providers. According to Sean, ServiceNow currently has 40 suppliers that, among other things, generate useful information for users. It is the basis of Trusted Security Circles.
/ Flickr / frankieleon / CC
In addition to ServiceNow, one or another solution in the same area was previously offered by both private companies and government departments. For example, in 2015, IBM announced the launch of its IBM X-Force Exchange platform based on the IBM Cloud. This solution provides access to IBM datasets and third-party threat information. The system works on the basis of certain indicators of cyber-attacks in real time.
The Center for the Exchange and Analysis of Information in the Financial Sector of NC4 operates according to a similar principle. A similar initiative is going to be implemented by the National Bank of the Republic of Belarus to combat computer attacks based on the exchange of information about threats. Canada also has its own non-profit organization for the voluntary exchange of information. The US, UK and Hong Kong authorities at the legislative level encourage and call for the automation of the provision of information about threats.
As noted by the head of IT security at Cubic Corp. Adam Rice (Adam Rice), the main obstacle to the exchange of information is the trust between competitors and partners in the market. In his opinion, the process should guarantee the accuracy of the information provided about the threats, incidents should be available for verification, and the identity of each member of the information exchange community should also be established.
In this case, there can be talk about trust and, therefore, about a mutually beneficial environment. By and large, the ServiceNow platform acts as the verifier that makes the exchange of information effective.
PS Additional reading on the topic in our corporate blog:
/ Flickr / wikimedia commons / ccHow Trusted Security Circles Works
Together with the new release of Jakarta, the ServiceNow platform offered enterprises the opportunity to share and receive relevant information about threats in real time. Usually, in the fight against cyber-attacks, security officers of individual companies were left alone with the threat, but now they can request data from suppliers and partners. With the help of Trusted Security Circles, organizations control how and with whom they share their data.
')
Information about cyber threats often does not spread further to the affected company due to possible reputational losses. Not all businesses are willing to recognize security vulnerabilities, so Trusted Security Circles allows you to share information anonymously. As explained by ServiceNow user Susan Smith (Suzanne Smith), in the privacy mode, companies can choose to receive information about threats from their colleagues in a particular industry or on a location basis. This is how peculiar “circles of awareness” are formed.
When a security team sees suspicious activity on its network, it can form a request within a specific community. If the number of such requests exceeds the set threshold, the incident is automatically redirected to ServiceNow Security Operations, the internal threat response service, which can speed up the response.
Thus, the new technology allows ServiceNow user organizations to stay abreast of upcoming attacks and arm themselves with the necessary information coming from colleagues.
ServiceNow Vice President Sean Convery (Sean Convery) in August, said that the company's main cyber security tool is a single platform that involves integration with third-party security service providers. According to Sean, ServiceNow currently has 40 suppliers that, among other things, generate useful information for users. It is the basis of Trusted Security Circles.
/ Flickr / frankieleon / CCInformation sharing solutions - established trend
In addition to ServiceNow, one or another solution in the same area was previously offered by both private companies and government departments. For example, in 2015, IBM announced the launch of its IBM X-Force Exchange platform based on the IBM Cloud. This solution provides access to IBM datasets and third-party threat information. The system works on the basis of certain indicators of cyber-attacks in real time.
The Center for the Exchange and Analysis of Information in the Financial Sector of NC4 operates according to a similar principle. A similar initiative is going to be implemented by the National Bank of the Republic of Belarus to combat computer attacks based on the exchange of information about threats. Canada also has its own non-profit organization for the voluntary exchange of information. The US, UK and Hong Kong authorities at the legislative level encourage and call for the automation of the provision of information about threats.
As noted by the head of IT security at Cubic Corp. Adam Rice (Adam Rice), the main obstacle to the exchange of information is the trust between competitors and partners in the market. In his opinion, the process should guarantee the accuracy of the information provided about the threats, incidents should be available for verification, and the identity of each member of the information exchange community should also be established.
In this case, there can be talk about trust and, therefore, about a mutually beneficial environment. By and large, the ServiceNow platform acts as the verifier that makes the exchange of information effective.
PS Additional reading on the topic in our corporate blog:
Source: https://habr.com/ru/post/337826/
All Articles