With news this week of Facebook creating a Threat Exchange, it highlights the message that security firm AlienVault has been trying to get across for years - we are better protected when we work together to share information. Finally, it seems that message is getting through. Commenting on this and other pertinent news, Barmak Meftah, CEO, president and co-founder, AlienVault, said the following:
“With the latest news of Anthem’s data breach amid all of the big retailer point-of-sale system attacks we saw in 2014, it’s good to see President Obama attending the Stanford Summit on Cybersecurity this week. His presence at the event helps to put the spotlight on one of our industry’s biggest concerns, which is the lack of threat information sharing needed to protect confidential consumer data and enterprise IP. What we as an industry – spanning across public and private sector security teams – need to improve on is breaking down the silos of ‘how' and 'to whom’ threat data and threat intelligence is being shared. At AlienVault, we put our hat in the ring to help solve this problem back in 2012, when we released our Open Threat Exchange (OTX) – an open threat information sharing and analysis network.
We’ve seen the financial industry with FS-ISAC and retail industry with ISAC significantly increase their security posture by sharing threat data amongst peers. We commend them. We’ve also seen Facebook step up this week with a new threat intelligence platform for swapping threat data, with some big Internet players already on board for beta testing it. We commend them, too. But the truth is, threat data can't be shared in a vacuum if we’re aiming to protect all consumers and enterprises.
While companies like Anthem, Sony, and Target made headlines for their hacks and federal investigators jumped in to help, it’s important to note that small and medium-sized businesses are getting attacked just as frequently – and they often have less resources to detect, fend off and recover from those attacks. If Stanford's summit does put the government’s focus back on cybersecurity legislation, I hope that it includes integrating technology that makes cyber threat information and threat data widely available to any organization – regardless of size – to ensure all enterprises can stay ahead of attacks.”