Time
4 hours 12 minutes
Difficulty
Advanced
CEU/CPE
5

Video Transcription

00:00
hello and welcome to another lesson from the first module data collection.
00:05
This lesson is about a second type off external data collection sources, which is community. They test horses.
00:14
Let me start this video By defining our objectives
00:19
on this lesson, we will discover together the different types off community data sources. And why would you join any of these communities?
00:31
So the idea behind creating intelligence sharing communities was to make best practices on cyber threat information more accessible to companies.
00:42
So our organizations are no longer alone in this hostile environment. Basically, the roll off these communities Easter respond to cyber threats, vulnerabilities and incidents by providing a centralized organization to monitor, disseminate information
01:02
and help mitigate cybersecurity
01:04
strokes. Strong secondary objective is to keep this information confidential and away from malicious people.
01:17
The first type off these communities are information sharing and unlicensed centers or eyes X.
01:26
These communities were first establishing in the U. S. In 1998.
01:33
They were created in order to address us critical infrastructures, run averages and ah, they false facilitated the sharing off actionable cyber security intelligence among trusted organizations.
01:48
Ah, within an industry and also between sectors and exact or information sharing and the license center. He's an industry specific organizations that gathers on share information on cyber threats to critical infrastructure.
02:07
Eyes acts are trusted entities
02:09
established by ah si i k r or key or critical infrastructure key resource owners and operators in order to provide comprehensive sector analyzes, which is shared with within the same sector
02:30
with other sectors,
02:31
and even with the government
02:34
so exact. Also facilitate the sharing off data between public and private sector groups.
02:43
Many eyes axe are well resourced. They come with membership fees and have infrastructure and full fledged security operation centers for monitoring threats on a global scale.
02:58
So joining an egg Zack comes at a cost.
03:01
It's requires either financial our human resources from your organization. This means there must be a strong motivation to join an existing group or Jew potentially leaves a new one.
03:16
Ah, the National Council Off Ice Ax currently lists 21 member eyes acts, including those for financial automative, energy, communication sector, et cetera.
03:30
Now let's see the different types off ice ax.
03:32
Basically, there are three common types off ice ax. The first type is sector based. These eyes axe focus on organizations within the same sector and are mostly facilitated by the sector itself or by the government.
03:53
The second type is ah, country based.
03:57
These eyes axe focused more on cooperation and collaboration within specific country, and they are often governed by a sea CERT or computer security incident response team.
04:14
The third type is international Isaac's These Isaac's Connect a key persons for computer security
04:23
from organizations all over the group.
04:26
Now let's see somebody rations to join and I Zach.
04:30
There are several service is provided by Eyes Axe, including risk mitigation.
04:36
Rapid response are, in the case off an emergency ah, through the ability T o Contact and coordinate with members
04:46
also analyzes on relevant threats, vulnerabilities and incidents. Azaz also offer trainings and created reporting.
05:00
Members are in Isaac's benefit, have different benefits. It can very across the eyes axe, and it can include access to 24 by seven security operations briefings, white papers, threat calls,
05:18
webinars,
05:20
etcetera.
05:23
In this light, I added a few examples of available execs like automotive Zach Aviation exact communication. I Zack, I t I, Zach multistate a Zach,
05:38
and you can find the fullest off these guys axe on the official website off National Council Off Ice Ax.
05:47
Now let's move to the second type of community data sources, which is information sharing and analyzes organizations or eyes. Oh, these are the result of White House directive to promote ah voluntary cyber threat information sharing within industry sectors.
06:08
In February 2015 the president Obama signed an executive order directing the U. S Department of Homeland Security or the HSE Toe on cord Development off Icehouse for private companies, nonprofits, government departments
06:27
on and state a regional and local agencies.
06:31
Let's see what is an ISO and I sell is a group created together, analyze and disseminate cyber threat information
06:41
and, like I's axe the ice house are not directly tied to critical infrastructure sector.
06:48
Instead, Eyes I was offer a more freaks flexible approach to self organize it information sharing activities among communities off interest, such as small businesses across sectors, ah, legal accounting and consulting offers
07:09
that support cross sector clients.
07:12
The eyes are standards organization
07:15
currently lists more than 70 groups that it it's our that describes as being engaged in some level off information sharing activity.
07:26
This list includes both both sector specific Eyes Axe and the newer Icehouse. It might be based on faith, geography or roles such as corporate directors or officers.
07:43
I should also mention that on is how could be a single company facilitated sharing among their customers or partners
07:55
when it comes to, um, the main goal off, um, creating house? How the idea behind creating these guys. House wants to promote and alone any group of companies, organizations or entities to work together
08:13
in order to share information
08:16
or to share a threat information. And according to the director off Cyber Joint Program Management office as a d a. Chess Ah, the main goal of creating and promoting Isis house was to make to make it to make sharing
08:35
is here
08:37
for all organizations. Um,
08:41
even if they don't belong to you and Zach.
08:46
So here. Ah, the same thing as, ah, the help of the exact part. Ah added this list containing some examples off ice house, including a CSC advance it Cyber security Security center, D. H s, um
09:05
also see our eyes or cyber resilient and resilience Institute on. And, um, I added, the source eyes out, or go where you can find a full list of Ice House and some guy Zach or sector basic ice ax.
09:24
We've come to the end off this lesson in this video we've seen are the different types off the immunity data sources, including Ice Ax and Ice House. Each of the two community types we've seen their history. What are these communities?
09:43
And, ah, we've seen the benefits of joining one of these two communities,
09:48
and it's important to choose wisely the community you want to belong to or to subscribe to. Uh,
09:56
because you will need to get the most the most out off this intelligence that's shared within the community.
10:07
For example, if you are a bank or any financial institution Ah, then joining, for example, FF Zach is a good choice for you.
10:18
Now that you've seen two different types of external latest forces, including private data collection sources and community ah, data collection sources, we will have only one type left are so wait before making a choice
10:35
because you might be interested by the public data sources. Ah, this is what you are going to see in the next video, so don't miss it.

Up Next

Advanced Cyber Threat Intelligence

Advanced Cyber Threat Intelligence will benefit security practitioners interested in preventing cyber threats. Learn how to leverage your existing data sources to extract useful information and find complementary information from external sources.

Instructed By

Instructor Profile Image
Alyssa Berriche
Instructor