The exchange of information about cyber threats in real time: a new platform from ServiceNow
Material posted: Publication date: 15-09-2017
This year the company ServiceNow has introduced a cloud-based platform Trusted Security Circles. It helps to combat cyber-threats by sharing information among companies and professionals in the field of security.

How it works Trusted Security Circles

Along with the new release of Jakarta the ServiceNow platform offered businesses the ability to share and obtain relevant threat information in real time. Usually in the fight against cyber-attacks, the security personnel of individual companies was left alone with the threat, but now they can request data from suppliers and partners. Using Trusted Security Circles of the organization control how and with whom they share their data.

Information about cyber threats often does not extend beyond the injured company because of the possible reputational losses. Not all companies are willing to admit the vulnerability of security systems, therefore the Trusted Security Circles allows you to share information anonymously. As explained by the user ServiceNow Susan Smith (Suzanne Smith), the confidentiality of the company can select the option to receive information about threats from their peers in a specific industry or location based. This acts as a kind of "circles of awareness".

When the security team sees suspicious activity in its network, it can query within a certain community. If the number of such requests exceeds the threshold, an incident will automatically be redirected to the ServiceNow Security Operations internal service responding to threats that can speed up the response.

Thus, the new technology allows the user organization Manager to stay informed of upcoming attacks and armed with the necessary information from colleagues.

Vice-President of the ServiceNow Sean Convery (Sean Convery) in August said that the main tool of the cyber security team provides a single platform that involves integration with third-party providers of security services. In the words of Sean, ServiceNow at the moment there are 40 suppliers, which among other things generate useful information for users. It is the basis of Trusted Security Circlюes.

Decision on exchange of information — established trend

In addition to ServiceNow certain decisions in the same area was previously proposed as private companies and government departments. For example, in 2015, IBM has announced the launch of its IBM X-Force Exchange based on IBM Cloud. This solution provides access to data sets IBM and information about third-party threats. The system works on the basis of certain indicators of a cyber attack in real time.

Similarly to the work Center of the exchange and analysis of information in the financial sector from NC4. A similar initiative is going to implement the national Bank of the Republic of Belarus to combat computer attacks on the basis of the exchange of information about threats. Canada also has its own non-profit organization for the voluntary exchange of information. The US authorities, the UK and Hong Kong at the legislative level to encourage and call for automation of providing information about threats.

As noted by the head of Department IT-security Cubic Corp. Adam rice (Adam Rice), the main obstacle to information sharing is trust between competitors and partners in the market. In his opinion, the process should guarantee the veracity of information about threats, incidents must be available for inspection and affiliation of each member of the community information exchange must also be installed.

In this case, it may be a question of trust and, therefore, mutually beneficial environment. By and large, the ServiceNow platform supports the verifier, which makes the exchange of information effective.


Source: https://habrahabr.ru/company/it-guild/blog/337826/

Tags: information war , information Society