Share Blog Post
- The new capability fosters real-time collective defense between two different ISACs or organizations by enabling them to alert each other of an ongoing security incident or threat that concerns all sharing partners.
- For example, an ISAC with members from the energy and power sector can proactively alert other ISACs of any ongoing power outage due to a cyberattack.
- Similarly, an ISAC with members from the financial services sector can notify other ISACs of phishing or Business Email Compromise (BEC) campaigns targeting finance and accounts teams in organizations.
- Moreover, ISACs can take cross-sectoral collaboration to the next level by leveraging each other’s deep-domain expertise for performing root cause analysis of respective threats and sharing the most effective learnings and mitigation strategies with each other.
- At the same time, enterprises can immensely benefit from this new capability as they can automatically alert their vendors or partners of any identified malicious attack or any new vulnerability that needs to be patched immediately.
- As a first step, CSAP Admins need to configure the API credentials of their sharing partners within the Integrations sections of the CSAP Dashboard.
- Thereafter, the CSAP Admins can define rules to trigger automated sharing of specific Alerts with their sharing partners. The rules can be defined as per the individual or combination of several parameters including TLP, Alert Category, or Information Source, as the need may be.
- Admins can also define rules to block the sharing of specific types of alerts such as TLP Red alerts to prevent any accidental disclosure of sensitive information.
- CSAP Admins can also configure the automation rules to enable direct sharing of Alerts, received from other ISACs or organizations, with their members or choose to save the received Alerts for review and enrichment.
Posted on: October 05, 2020
Get the Cyware Blog delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...