Making one organization’s incident everyone’s defense
The Financial Services Information Sharing and Analysis Center (FS-ISAC), an organization focused on sharing critical cyber security threat information worldwide, and The Depository Trust & Clearing Corporation (DTCC), the post-trade market infrastructure for the global financial services industry, announced the formation of a strategic joint venture to develop and market automation solutions that advance cyber security capabilities and the resilience of critical infrastructure organizations, including financial services firms and others worldwide.
The joint venture, named Soltra, has been established to deliver software automation and services that collect, distill and speed the transfer of threat intelligence from a myriad of sources to help safeguard against cyber attacks.
A true cross-industry initiative, over 125 FS-ISAC members and representatives from other critical sectors, government entities and the private sector contributed to the requirements, architecture and design of Soltra’s automation software, the Soltra Edge solution.
Named after one of the best-known medieval beacon fire networks in Europe that warned of invaders, Soltra Edge will connect and streamline the flow of threat intelligence between communities, people, and devices by processing large amounts of threat data, improving efficiencies and enabling immediate action to counter the threat and mitigate risk. Soltra Edge is currently being tested by users and will be generally available in late 2014.
The solution has been designed to scale to support thousands of organizations and distill large amounts of data into actionable intelligence that is easy to understand and use. It leverages open standards including Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII). The solution will include the platform, infrastructure and ecosystem to help individual organizations of all sizes, other Information Sharing and Analysis Centers (ISACs), Computer Emergency Response Teams (CERTs), industry bodies and private sector vendors to come together to streamline threat information sharing using STIX and TAXII.
“Today, most cyber threat information is provided manually to users from various, unconnected industry sources. Because of this, on average, it can take firms seven hours to evaluate each threat,” states Mark Clancy, CEO of Soltra, CISO of DTCC and Board Member of FS-ISAC. “With Soltra Edge, one organization’s incident becomes everyone’s defense. The solution will enable clients to send, receive, and store cyber security threat intelligence in a streamlined and automated format, enabling these firms to deploy safeguards against a potential cyber attack.”
“As a joint venture, Soltra has assembled a world-class team and support from some of the most respected companies in the world in order to architect and build a solution for tomorrow’s information sharing,” says Bill Nelson, president of Soltra and president and CEO of FS-ISAC. “Today’s threat intelligence sharing must occur at network speeds. It needs to reduce the workload for security analysts and for smaller organizations. It needs to be available for all critical sectors in order to share information within each sector and also cross-sector to increase resiliency from cyber threats.”