The Information Sharing and Analysis Organization Standards Organization (ISAO SO) launched its inaugural ISAO Ecosystem Spotlight webinar on Wednesday, March 21, 2018. The new bi-monthly webinar series kicked off by highlighting an industry hot topic by covering recent updates to the Department of Homeland Security’s (DHS) Automated Indicator Sharing (AIS) portal and the ISAO focused vendor, NC4.
This new webinar series will continue to spotlight alternating topics of interest found throughout the information sharing ecosystem, from Hot Topic to Technical Spotlights. These webinars are open to the entire ISAO community.
This first webinar featured a presentation from James Murphy, with the Department of Homeland Security Office of Cyber Security and Communications, where he shared how DHS is updating their AIS portal. Murphy highlighted how AIS is about volume and velocity of sharing indicators, not human validation, and that AIS has shared 2.1 million unique indicators since launching in March 2016.
Murphy added that the AIS is seeking additional context on indicators and confidence scoring to help designate severity of a threat from the community. However, industry feedback has shared that the timeliness of AIS data is a plus and there are fewer technical obstacles than the outset. New capabilities with STIX 2.x offers additional methods of sightings, opinions and courses of action. He went on to share many of the Cyber Information Sharing and Collaboration Program offerings available to members.
“Our goal for each ISAO Ecosystem Spotlight is to provide the information sharing community with timely and relevant information that will provide valuable insights for ISAOs,” said Natalie Sjelin, director of ISAO Support. “We truly appreciate everyone that participated in this inaugural webinar to help us create an informed and empowered information sharing community.”
Following the AIS presentation, the Vendor Spotlight featured Director of Product Management Chris Needs with NC4. Need’s shared how NC4’s cyber threat intelligence is about a strength in numbers through human collaboration and machine automation. They work to combine threat collaboration and coordination efforts with automated threat sharing technology to improve their value within the ISAO community.
Sjelin began the webinar by highlighting a few updates from the ISAO SO, including the upcoming International Information Sharing Conference on Sept. 11-12, 2018 and a reminder about an open RFC comment period for document ISAO 200-1 on Foundational Services and Capabilities.
Slides and recordings are now available. The next webinar will be held on May 23, 2018 and provide a Technical Spotlight from R-CISC and a Vendor Spotlight from TruStar.