Published on the 10/11/2016 | Written by Newsdesk
Automation for more meaningful cyber threat chats…
Improved collaboration is essential for protection against the ever-shifting landscape of information security, says the New Zealand Internet Task Force (NZITF) announcing it is introducing a platform ‘which consolidates cyber threat intelligence from multiple sources to foster in-depth analysis, and enables easier information sharing with trusted partners’.
The EclecticIQ Platform, said NZITF in a statement, makes extensive use of STIX and TAXII, which are open-source standards enabling automation of threat intelligence and incident response workflows. EclecticIQ is a Deloitte Fast50 winner and is headquartered in Amsterdam.
With cyberattacks, the time which elapses between a compromise occurring and the target realising it is a crucial window in which the hacker can do their dirty work. The time taken to detect new threats is similarly crucial: known threats can be mitigated against more effectively than unknown ones.
And, as Tripwire’s David Meltzer made clear in a thoughtful piece which takes a look at STIX and TAXII, ‘If we could meaningfully improve how we communicate with each other – between our peers in the security industry, between security products inter-operating with each other, and by leveraging the communities we already have – I believe we would all become more effective in protecting our customers’.
Further, explained NZITF chair Barry Brailey, ‘information sharing is an important part of working to combat cyber threats, and a tactical imperative as the number of global security incidents continues to rise.’
“EclecticIQ Platform provides a central hub for us to gather, digest, normalise and de-duplicate intelligence from our member base. We can streamline and funnel information coming from many different places into a single view, giving us instant access to information that we’ve previously only ever shared via email and face to face,” he added.
With the agreement, members of the NZITF can access EclecticIQ Platform through an online portal, where they can share information about malware and other online threats among themselves and with New Zealand’s wider cyber security community.
“Our agreement with EclecticIQ is a step along the road towards more automated data sharing for the Task Force which, ultimately, is a good thing for New Zealand’s overall security posture,” Brailey said.
EclecticIQ CEO Joep Gommers said the agreement positions the NZITF to make better use of the increasing volume of cyber threat intelligence. “In helping defend and mitigate cyber-based threats, the Task Force needs to be able to collaborate, and to quickly and easily share information.”
