Cyber Threat Alliance Chief: ‘We Need to Make Life Difficult for Hackers’
Add bookmarkThe newly incorporated nonprofit Cyber Threat Alliance announced at the annual RSA Conference in San Francisco this month it had appointed its first-ever leader, dubbing Michael Daniel as the organization’s first president.
Daniel is the former Special Assistant to the President and Cybersecurity Coordinator for the White House. Cyber Security Hub caught up with Daniel shortly after the announcement to discuss the nonprofit’s forward focus and the state of cyber security as a whole. Take a look at how the conversation went.
Enterprise Mobility Exchange: What’s ahead for the CTA, and what intrigued you about the group?
Michael Daniel: There are three items, really, that we’ll be focusing on going forward. First, we need to enable automated sharing of a rich set of information amongst cybersecurity professionals across the entire digital ecosystem, which will help them provide better value to customers. Second, that will start to push the cybersecurity community into a “what they do with what they know” focus and help everyone involved. Lastly, if the CTA is able to succeed, we’ll make life difficult for low-end criminals and miscreants. It’ll clear out the underbrush and make less places for high-end hackers to hide. All that gives law enforcement better capabilities to go after (hackers).
EME: How does your experience at the White House translate into leading this charge?
MD: I’m able to bring a strategic view to the Cyber Threat Alliance from my days as a member of the National Security Council. We can now have a full ecosystem-wide focus which will enable us to work with partners around the globe.
EME: Where does mobility fit into this alliance, and what role does it play into the future strategy?
MD: Mobility fits directly into all our initiatives. Take a look at IoT. We act like this is something new, but in five years we’ll just call it the Internet. It’ll just be folded into what we already know and use, and be part of the global Internet. If our threat sharing doesn’t include all vectors, then it’s insufficient. We’ll be tracking information that covers the entire ecosystem.
EME: Does CTA want to expand or stay smaller and more intimate?
MD: We very much want to grow. Do we want thousands upon thousands of members? No, but we want to grow beyond current membership to make sure we’re covering the ecosystem as much as possible. That’s certainly part of our strategic planning: what’s our target? 40 members? 400? We haven’t fully assessed that piece just yet.
EME: What should non-tech companies fear most in terms of cybersecurity? Simple phishing attempts, major network hacks?
MD: You can never protect everything all the time, equally. If you try, you’ll fail. Enterprise risk management needs to be focused on, and companies need to think of cybersecurity as a risk, just like litigation, for example, and bring a holistic approach to it. The NIST cybersecurity framework is really good at doing that: identifying information assets and why they’re important; detecting intruders; protecting information assets; responding when you have an incident; and recovering when you have an incident. It’s not the most fun or sexy part of business, but it needs to be done. When you’re painting a room, no one likes having to paint the trim, remove the wall plates, and so on. But when that’s taken care of, it makes the painting project more efficient. That’s the same for taking a holistic enterprise risk approach to cybersecurity.
As its first order of business as a standalone nonprofit, CTA is developing and deploying an automated threat intelligence-sharing platform that enables members to integrate real-time, actionable intelligence into their products to better protect global customers.
“Our greatest weapon in the defense against cyber attackers is the vast power of our combined data and insights,” said Greg Clark, CEO of Symantec in a statement. “Possessing one of the world’s largest pools of treat data carries significant responsibility, and the CTA provides us with an important coordinating mechanism to enable rapid sharing of that threat intelligence with global businesses. In today’s hyper-connected world, a single piece of malware could cripple global economies or even put lives in danger. The technology investments we’re making as members of the alliance aims to strengthen the protection of people everywhere.”
The CTA currently claims as its members Check Point Software Technologies, Cisco, Fortinet, Intel Security, Palo Alto Networks, and Symantec. CEOs and other executives of those member companies combine to make up the CTA’s board and leadership team.
