August 20, 2014
Tom De Santes in MA Michael Semmens in CO
In an unprecedented victory for cyber security, the Advanced Cyber Security Center (ACSC) in Boston, Mass., and the Western Cyber Exchange (WCX) Network Laboratory in Colorado Springs, Colo., successfully and securely exchanged cyber threat messages using leading cyber analytic tools. This exchange demonstrated the possibility of a national and global network of organizations sharing cyber threat information—known as a cyber federation—to help secure the cyber domain and protect critical infrastructure such as financial services, pipelines and utilities.
Michael Semmens, WCX chair and co-founder, said, “The capability demonstrated in this exercise is vital to our collective ability to secure and, in turn, take advantage of ‘all things cyber,’ including the smart grid, virtual factories, and advanced healthcare. WCX is grateful to our partners—the ACSC, The MITRE Corporation and the Department of Homeland Security—for helping make this capability a reality.”
The demonstration was made possible using CRITs (Collaborative Research into Threats), a threat intelligence platform developed by MITRE as an operational prototype to facilitate aggregation, analysis and sharing of cyber threat information. CRITs leverages STIX (Structured Threat Information Expression)—a language for the description of cyber threats—and TAXII (Trusted Automated eXchange of Indicator Information)—a protocol for exchanging STIX messages. Both STIX and TAXII are community-developed structured data exchange formats created and led by the U.S. Department of Homeland Security.
“Since 2010, the ACSC has been breaking ground with a trust-based threat share model that has delivered actionable intelligence for nine out of ten participants,” said Charlie Benway, ACSC executive director. “To further strengthen the security posture for our members, we are committed to expanding secure threat sharing capabilities with peer groups in other regions of the U.S. This successful exercise is a monumental step toward building a cyber federation.”
Cyber threats are asymmetric and must be countered by timely intelligence supporting the early identification and remediation of malicious and illegal attacks. The use of CRITs provides the analytic capabilities needed to discover patterns and trends, and enable analysts to securely share the resulting intelligence.
“We’re working with our partners to move the needle in the direction of an active, threat-based defense,” said Gary Gagnon, senior vice president and chief security officer of MITRE, a non-profit organization that operates research and development centers sponsored by the federal government. “We need to approach this as a team sport and find ways to facilitate threat sharing across both public and private sectors.”
WCX, the ACSC and MITRE share the vision of creating a cyber federation, overlaying a neighborhood watch model onto the cyber domain. New England’s ACSC, a consortium of leading industry, university, and government organizations working together to address advanced cyber threats, and the WCX, operating in Colorado, New Mexico, and Wyoming, are the first two member-based consortia to take this step.
About the Advanced Cyber Security Center
A non-profit consortium launched and supported by Mass Insight Global Partnerships, the Advanced Cyber Security Center (ACSC) brings together New England’s leading industry, university, and government organizations to address the most advanced cyber threats. The ACSC focuses on sharing cyber threat information, engaging in next-generation cybersecurity research and development, creating education programs, and advancing public policies that will enhance security. The ACSC was launched and is supported by Mass Insight.
About the Western Cyber Exchange
The WCX includes the states of Colorado, New Mexico, and Wyoming with the WCX Laboratories in Colorado Springs. WCX has been promoting a new, grassroots approach to collective cybersecurity since 2010. The WCX is the first organization of its kind‑ a public/private partnership designed to share information related to ever-increasing cybersecurity threats, support workforce development through education and training programs, and the development of new technology through research and development programs. WCX is a non-profit, member organization which includes members from utilities, the defense industrial base, education, manufacturing, the IT sector, and finance. For this threat exchange demonstration, WCX was supported by Imprimis Inc., an advanced engineering and technology firm and a founding member of WCX.