Cyber Threat Alliance Expands Mission through Appointment of President, Formal Incorporation as Not-for-Profit and New Founding Members

Former White House Cybersecurity Leader Joins CTA to Drive Alliance Mission of Improving Global Defenses Against Cyber Adversaries; Six Industry Leaders Collaborate on Automated Threat Intelligence Sharing Platform.


(From left to right: Chris Young, Senior Vice President and General Manager, Intel Security Group; Michael Daniel, CTA President; Mark McLaughlin, Chairman and CEO, Palo Alto Networks; Amnon Bar-Lev, President, Check Point; Marty Roesch, Vice President and Chief Architect, Cisco Security Business Group; Greg Clark, CEO, Symantec; Ken Xie, Founder, Chairman of the board, CEO, Fortinet)

Taguig, Philippines – February 20, 2017 – The Cyber Threat Alliance (CTA) recently announced the appointment of Michael Daniel as the organization’s first president and its formal incorporation as a not-for-profit entity. Additionally, founding Members Fortinet® (NASDAQ: FTNT), Intel Security, Palo Alto Networks (NYSE: PANW), and Symantec (NASDAQ: SYMC) recently announced the addition of Check Point® Software Technologies Ltd. (NASDAQ: CHKP) and Cisco (NASDAQ: CSCO) as new alliance founding Members. Together, the six founding Members have contributed to the development of a new, automated threat intelligence sharing platform to exchange actionable threat data, further driving the CTA’s mission of a coordinated effort against cyber adversaries.

News Summary
·The CTA incorporated as a not-for-profit in January 2017 and appointed Michael Daniel as its first President in February. Daniel was formerly Special Assistant to the President and Cybersecurity Coordinator for the White House.

·The CTA has expanded to include Check Point Software Technologies and Cisco as new founding Members who joined pre-incorporation.

·The CTA’s inaugural Board of Directors includes the CEOs and senior leadership of six major cybersecurity vendors: Check Point, Cisco, Fortinet, Intel Security, Palo Alto Networks and Symantec.

·The CTA outlines its corporate purpose as a not-for-profit: to share threat information in order to improve defenses against cyber adversaries across member organizations and protect customers; to advance the cybersecurity of critical IT infrastructures; and to increase the security, availability, integrity and efficiency of information systems.

· The first CTA project as a standalone entity is the development and rollout of a new, automated threat intelligence-sharing platform that enables Members to integrate real-time, actionable intelligence into their products to better protect global customers.

·In addition to expanding its founding Members, the CTA has added new affiliate Members, including IntSights, Rapid7 and RSA, who join existing Members Eleven Paths and ReversingLabs.

CTA Formalizes as an Independent Not-for-Profit Entity
Founded and actively sharing threat intelligence since 2014, the CTA has evolved to an independent organization with Michael Daniel as its President and a Board of Directors comprised of its six founding Members, Check Point, Cisco, Fortinet, Intel Security, Palo Alto Networks and Symantec. Daniel brings extensive expertise to the CTA in developing strategic cyber partnerships and programs that span the private and public sector, as well as other nations to build the most effective security solutions. The CTA’s move to an incorporated entity signifies the commitment by industry leaders to work together to determine the most effective methods for sharing automated, rich threat data and to make united progress in the fight against sophisticated cyber attacks.

Since inception, the CTA has regularly exchanged information on botnets, mobile threats and indicators of compromise (IoCs) related to advanced persistent threats (APTs), and advanced malware samples. Notable milestones of the CTA’s cooperative efforts cracked the code on CryptoWall version 3, one of the most lucrative ransomware families in the world, totaling more than US $325 million ransomed. The CTA’s research and findings pushed cybercriminals to develop CryptoWall version 4, which the CTA also uncovered and resulted in a much less successful attack, validating the power of the CTA’s cooperative threat intelligence sharing.

These coordinated efforts demonstrate that all Members of the CTA believe in protecting the common good of the Internet by sharing intelligence to combat sophisticated global cyberattacks. By bringing together industry competitors contributing their unique threat insights, the CTA builds a comprehensive view of important threat actors. With enriched understanding and enhanced protections against global attacks, members can better protect customers in real time and prioritize resources based on collective knowledge.

Information Sharing Platform Automates Collaboration on Contextual Threat Intelligence
With co-development from its six founding Members over the past year, the new CTA platform automates information sharing in near real-time to solve the problems of isolated and manual approaches to threat intelligence. The platform better organizes and structures threat information into Adversary Playbooks, pulling everything related to a specific attack campaign together in one place to increase the contextual value, quality and usability of the data. This innovative approach turns abstract threat intelligence into actionable real-world protections, enabling Members to speed up information analysis and deployment of the intelligence into their respective products.

To foster continued collaboration and incentivize meaningful threat data, the new CTA platform requires Members to automate their intelligence sharing contributions, meet a minimum contribution every day, and rewards contextualized, unique intelligence. Members will eventually be rewarded with greater levels of access based on the value and volume of the information they have contributed.

In addition to its core mission of coordinated information sharing, the CTA is also the first industry trade association designed by and exclusively for cybersecurity practitioners. Representing the collective voice of industry leaders, the CTA is committed to help shape industry best practices and continue to ensure that the most effective security is being delivered for individual customers and organizations around the world.