Tuesday, November 05, 2013

The Internet's Neighborhood Watch

The Neighborhood Watch dates back to July 1, 1700 in Colonial Philadelphia with the passage of the Safe Streets bill. With no police department yet established, citizens took turns as the appointed watchmen to "go round ye town with a small bell in ye night time, to give notice of ye time of night and the weather, and anie disorders or danger."

In many ways, cyberspace today feels like Colonial Philadelphia - fraught with "disorders and dangers" and no police force capable of apprehending the offenders. No wonder then that last February President Obama signed an executive order calling on Americans in the public and private sector to establish the equivalent of a cyber Neighborhood Watch.
"It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing..."
But sharing cyber threat data is shockingly rare, despite the fact that for the last two decades, hackers have steadily organized a vibrant industry around the tools and services needed to launch cyber attacks --credit card credentials, script kiddies, zero day vulnerabilities, bot armies, and other staples of cyberwarfare are sold through web sites and channels similar to those associated with legitimate IT purchases. And yet up until 12 months ago, when a wave of cyber attacks against US banks, government agencies and media sites exposed our economy's soft underbelly, no enterprise would ever voluntarily discuss its security infrastructure, let alone acknowledge a breach or even an attack, lest they worry their constituents.

But in those 4 months from October 2012 to February 2013, everything changed. A steady drumbeat of DDoS attacks rendered our banks offline and, for the first time, account holders have demanded their banks openly address the problem. In a novel gesture of transparency and collaboration, Bank of America actually asked the Feds for help.

The US has responded by organizing industry and government to start collaborating, so that cyber attackers, as they are detected, cannot simply jump from target to target. Twenty nine federal agencies today share real-time threat data stemming from cyber incidents through an exchange integrated with all the heterogeneous security infrastructure across those agencies. Suspect IP addresses, bad app signatures, malicious domain names, fraudulent host names, and other types of black lists are now updated in real time to broadly deflect attacks as they are discovered.

Furthermore, this federal "ActiveTrust Exchange" has now been opened up to large commercial enterprises, including financial institutions (like BVP) and some mega Silicon Valley tech companies. The President's vision of a national Neighborhood Watch is now a reality.

Paul Ferguson, VP Threat Intel
The company that developed and operates ActiveTrust is Internet Identity ("IID"), a somewhat obscure company in Tacoma, Washington with deep security DNA. IID is pioneering the idea that security technology should be decoupled from security data - that you can't rely on your vendor of security hardware and software to also provide you with all the intelligence you need to filter bad traffic. Your security gear is only as good as the blacklists they enforce; without up-to-date cyber intel, you can't repel the motivated and highly targeted cyber attack.

IID now sells various services and intelligence feeds, but the primary product is membership in the ActiveTrust exchange. ActiveTrust includes highly sophisticated governance modules to anonymize and regulate what you share (to satisfy the lawyers) and what you ingest (to weed out the George Zimmermans from your Neighborhood Watch).

Based on the success of these recurring revenue services, IID has profitably bootstrapped. But the government's collaboration initiative is so important to the viability of the internet that I'm proud to report that I've reached out to IID and Bessemer has just led their first round of venture capital. The Company is now very well funded to invite many more members to join ActiveTrust, starting with critical infrastructure.

I invite you to contact sales-AT-internetidentity.com to apply for membership in ActiveTrust. Let's work together to "to give notice of ye time of night and the weather, and anie disorders or danger."

No comments:

Post a Comment