Cyber Threat Alliance’s Global Member Model: Bringing the International Cybersecurity Threat Community Together — 2022 Cyber Threat Intelligence Awardee

Additional Info

CompanyCyber Threat Alliance
Websitehttps://cyberthreatalliance.org/
Company size (employees)1 to 9
Headquarters RegionNorth America
Type of solutionService

Overview

As a non-profit, the Cyber Threat Alliance (CTA) helps protect the global digital ecosystem by sharing high-quality cyber threat information among some of the most prominent global cybersecurity companies, including Cisco, McAfee, Palo Alto Networks, and many more.

While many of CTA’s member companies are competitors, the organization has successfully created a trusted community, fostering a safe environment for companies to share threat research, intelligence, and assessments, thereby increasing the industry’s long-term knowledge of cyber threats, decreasing the industry’s response times to attacks, and enhancing its ability to protect our global systems.

CTA enables its members to share threat intelligence in both automated and analytic forms. Through its sharing platform, called Magellan, (https://cyberthreatalliance.org/about/our-sharing-model/). CTA member companies can share over thirty different indicators of compromise along with the associated context in near-real time. Currently, members share nearly 9 million observables per month using the STIX 2.0 format and MITRE ATT&CK framework. Members can use this shared information to improve their products and services to better protect their customers.

CTA’s analytic sharing forms the other half of the equation. Many of CTA’s 36 members routinely provide pre-publication access to blogs and intelligence reports describing malicious cyber activity, thereby sharing critical information related to research on significant cyber issues. This collaboration allows CTA members to leverage their data, analysis, and cybersecurity products to expose malicious activity, prevent additional harm, mitigate any risk as early and as effectively as possible, and improve the security of the entire digital ecosystem.

How we are different

1. Fosters and sustains collaboration and trustworthiness within the global cybersecurity community — because security is stronger when we work together.


2. Brings the world’s largest and most prominent cybersecurity companies — regardless of rivalry or business model — together to allow for the systematic thwarting of adversaries and to improve the security of the entire digital ecosystem.


3. Focuses on growing the number, type, and size of private entities that are members to increase the threat intelligence information available to members, and thus better protect customers and all of society as a whole.