Harnessing the power of information sharing
Information sharing plays a pivotal role in the realm of cybersecurity due to the dynamic and sophisticated nature of the cyber threats. It entails the exchange of intelligence, insights, and knowledge about cyber threats, vulnerabilities, and defensive measures among organisations, government agencies, security researchers, and relevant stakeholders.
Information sharing elevates the quality and depth of threat intelligence accessible to organisations. By aggregating data from diverse sources and collaborating with peers, organisations can obtain a broader understanding of the threat landscape, identify emerging trends, and acquire actionable insights to fortify their security defences. This collective knowledge aids in establishing more robust threat intelligence programmes and facilitates more accurate risk assessments.
Given the importance of Information Sharing in the cybersecurity ecosystem, and with the main goal of identifying, analyse, countering and sharing Security and Privacy (S&P) threats, TRUST aWARE makes use of the Malware Information Sharing Platform (MISP).
MISP is an open-source threat intelligence platform that facilitates the sharing, storing, and correlating IoCs of targeted attacks, threat intelligence, financial fraud information, vulnerability information, and even counter-terrorism information. MISP is used today in multiple organisations not only to store, share, collaborate on cyber security indicators (among closed, semi-private or open communities), but also to use the IoCs and information to detect and prevent attacks or threats against ICT infrastructures, organisations, or people. MISP users benefit from the collaborative knowledge about existing malware or threats. The aim of the platform is to help improving the countermeasures used against targeted attacks and set-up preventive actions and detection[1].
Within TRUST aWARE, MISP plays a central role as it supports the Threat Intelligence Privacy focused programme of the project, from the collection to the dissemination of information. In addition, TRUST aWARE leverages MISP to encourages open dialogue, knowledge exchange, and collaboration among various stakeholders, including CERTs like CERTFin – The Italian Financial CERT.
[1] https://www.circl.lu/services/misp-malware-information-sharing-platform/